**** Malware Report - Results ****

This report shows all the different areas TAZER analyzes for the sample: Host, Network Activity, and Detection.

Malware Search Criteria: MD5 = a809e0d86320e5dfe61e522ee7e83598

| File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
| a809e0d86320e5dfe61e522ee7e83598 | f29f98c3bad266ea93125dca0f3d936709633b79 | 60d958074ec62d13e82dc242c1538b662b7a45da0e3455f219931c9dc1177010 | 6144:g27gCbTehEqclWYaci7TJxzdGazSDKTsmReZGVlSl55jA5PaZ8OTKbV:g27/bTehEqclr85imIZ | 276448 |

**** File Results ****

| File Name |
| Photo%2D5876.exe |

**** SNORT Results ****

| Snort Class | Snort Alert | Count |
| N/A | No snort alerts generated | 0 |

**** AV Results ****

| AV Alert | AV Vendor |
| N/A | Symantec |
| N/A | McAfee |
| N/A | Kaspersky |

**** Folders (Added) - ICC Results ****

| Path | Folder Name |
| c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5 | MSHist012011100520111006 |

**** Files (Added) - ICC Results ****

| Path | File Name |
| c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5/MSHist012011100520111006 | index.dat |
| c:/Documents and Settings/dmc73144/Recent | 0000q0hb.jpg.lnk |
| c:/Documents and Settings/dmc73144/Recent | dmc73144.lnk |
| c:/Documents and Settings/dmc73144 | 0000q0hb.jpg |
| c:/WINDOWS/Prefetch | AUTOIT3.EXE-32361418.pf |
| c:/WINDOWS/Prefetch | CHCP.COM-18156052.pf |
| c:/WINDOWS/Prefetch | REGSHOT.EXE-010A5EE6.pf |
| c:/WINDOWS/Prefetch | RNM.EXE-04823DAF.pf |
| c:/WINDOWS/Prefetch | RUNDLL32.EXE-369A6B7A.pf |
| c:/WINDOWS/Prefetch | SANDNET.EXE-2012C478.pf |
| c:/WINDOWS/Prefetch | TASKKILL.EXE-0A8306E3.pf |
| c:/WINDOWS/SoftwareDistribution/DataStore/Logs | tmp.edb |
| c:/WINDOWS/system32/drivers/etc | hlsts |

**** Files (Deleted) - ICC Results ****

| Action | Path | File Name |

**** Files (Changed) - ICC Results ****

| Action | Path | File Name |
| modified | c:/Documents and Settings/dmc73144/Cookies | index.dat |
| modified | c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5 | index.dat |
| modified | c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5 | index.dat |
| modified | c:/Documents and Settings/dmc73144 | ntuser.dat.LOG |
| modified | c:/WINDOWS/Prefetch | ATTRIB.EXE-39EAFB02.pf |
| modified | c:/WINDOWS/Prefetch | CMD.EXE-087B4001.pf |
| modified | c:/WINDOWS/Prefetch | DIEP.EXE-0B3E1DC8.pf |
| modified | c:/WINDOWS/Prefetch | HSTART.EXE-221D72BF.pf |
| modified | c:/WINDOWS/Prefetch | SH.EXE-00254D2B.pf |
| modified | c:/WINDOWS/Prefetch | SSHD.EXE-298CA236.pf |
| modified | c:/WINDOWS/Prefetch | SWITCH.EXE-0496EC21.pf |
| modified | c:/WINDOWS/Prefetch | WMIPRVSE.EXE-28F301A9.pf |
| modified | c:/WINDOWS/Prefetch | WUAUCLT.EXE-399A8E72.pf |
| modified | c:/WINDOWS/SoftwareDistribution/DataStore | DataStore.edb |
| modified | c:/WINDOWS/SoftwareDistribution/DataStore/Logs | edb.chk |
| modified | c:/WINDOWS/SoftwareDistribution/DataStore/Logs | edb.log |
| modified | c:/WINDOWS/system32/drivers/etc | hosts |
| modified | c:/WINDOWS | WindowsUpdate.log |

**** Registry Keys (Added) - ICC Results ****

| Action | Path |
| added | HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/WindowsUpdate/Reporting/RebootWatch |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Explorer/RecentDocs/.jpg |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/5.0/Cache/Extensible Cache/MSHist012011100520111006 |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/WinRAR SFX |

**** Registry Values (Added) - ICC Results ****

| Action | Path | Val Name | Val Data |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Explorer/RecentDocs | 9 | 30 00 30 00 30 00 30 00 71 00 30 00 68 00 62 00 2E 00 6A 00 70 00 67 00 00 00 58 |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Explorer/RecentDocs | 10 | 64 00 6D 00 63 00 37 00 33 00 31 00 34 00 34 00 00 00 4C 00 32 00 00 00 00 00 00 |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Explorer/RecentDocs/Folder | 4 | 64 00 6D 00 63 00 37 00 33 00 31 00 34 00 34 00 00 00 4C 00 32 00 00 00 00 00 00 |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Explorer/RecentDocs/.jpg | 0 | 30 00 30 00 30 00 30 00 71 00 30 00 68 00 62 00 2E 00 6A 00 70 00 67 00 00 00 58 |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Explorer/RecentDocs/.jpg | MRUListEx | 00 00 00 00 FF FF FF FF |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/5.0/Cache/Extensible Cache/MSHist012011100520111006 | CachePath | "%USERPROFILE%Local SettingsHistoryHistory.IE5MSHist012011100520111006" |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/5.0/Cache/Extensible Cache/MSHist012011100520111006 | CachePrefix | ":2011100520111006: " |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/5.0/Cache/Extensible Cache/MSHist012011100520111006 | CacheLimit | 0x00002000 |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/5.0/Cache/Extensible Cache/MSHist012011100520111006 | CacheOptions | 0x0000000B |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/5.0/Cache/Extensible Cache/MSHist012011100520111006 | CacheRepair | 0x00000000 |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/ShellNoRoam/MUICache | C://Documents and Settings//dmc73144//rnm.exe | "rnm" |
| added | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/WinRAR SFX | C%%Documents and Settings%dmc73144 | "C:/Documents and Settings/dmc73144" |

**** Registry Values (Deleted) - ICC Results ****

| Action | Path | Val Name | Val Type | Mod Val Type | Val Data | Mod Val Data |

**** Registry Values (Changed) - ICC Results ****

| Action | Path | Val Name | Val Data | Mod Val Data |
| modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | EA 9C B7 7E 03 1A 85 47 7D 09 C6 78 09 D1 C5 A4 A6 8A 43 11 26 EE 5A 22 15 12 F3 | A6 06 77 7E C6 9F 3A 47 12 F4 75 88 D6 D6 45 6D B2 15 32 7C 39 C3 18 A6 64 BD 41 |
| modified | HKLM/SYSTEM/ControlSet001/Services/Eventlog/Application/ESENT | EventMessageFile | "c | "C:WINDOWSsystem32ESENT.dll" |
| modified | HKLM/SYSTEM/ControlSet001/Services/Eventlog/Application/ESENT | CategoryMessageFile | "c | "C:WINDOWSsystem32ESENT.dll" |
| modified | HKLM/SYSTEM/CurrentControlSet/Services/Eventlog/Application/ESENT | EventMessageFile | "c | "C:WINDOWSsystem32ESENT.dll" |
| modified | HKLM/SYSTEM/CurrentControlSet/Services/Eventlog/Application/ESENT | CategoryMessageFile | "c | "C:WINDOWSsystem32ESENT.dll" |
| modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Explorer/RecentDocs | MRUListEx | 03 00 00 00 02 00 00 00 00 00 00 00 08 00 00 00 07 00 00 00 06 00 00 00 05 00 00 | 0A 00 00 00 09 00 00 00 03 00 00 00 02 00 00 00 00 00 00 00 08 00 00 00 07 00 00 |
| modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Explorer/RecentDocs/Folder | MRUListEx | 01 00 00 00 03 00 00 00 02 00 00 00 00 00 00 00 FF FF FF FF | 04 00 00 00 01 00 00 00 03 00 00 00 02 00 00 00 00 00 00 00 FF FF FF FF |

**** DNS Results ****

| DNS | DNS Response |

**** URL Results ****

| DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |

**** ARGUS PROTOCOL Results ****

| PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |

**** ARGUS DPORT Results ****

| DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |

**** ARGUS DATA Results ****

| Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |

**** Packer Results ****

| Packer Name |

**** HoneyTrap Results ****

| Honey Trap Log File Location |

**** PTFB Results ****

| PTFB Log File Location |