File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
aacdc783b5681ce6d269e086e70d85de | de90d290a91c5b8fcc6cf90628d52ec6cd648f53 | e71b27edfd371f056739e64615784047960d31c0ec9c5cba2f4ac15fe35d76dd | 12288:5yVaekvacnivjzx5iuS/Woh5utDb/kCH3qu0B1WUakdrVAaS3:Y+bibbiuS5hwxDzWXNa4r+aS | 584324 |
File Name |
---|
xxx%5Fvideo%5F836674.avi.exe |
xxx%5Fvideo%5F683.avi.exe |
www.mjsn.org.exe |
statistics.php.exe |
l.php.exe |
index.php.exe |
in.cgi%3F2.exe |
hcp.php.exe |
exe.exe |
counter.php.exe |
amor.exe |
Snort Class | Snort Alert | Count |
---|---|---|
N/A | No snort alerts generated | 0 |
AV Alert | AV Vendor |
---|---|
Path | Folder Name |
---|---|
Action | Path | File Name |
---|---|---|
Action | Path |
---|---|
Action | Path | Val_Name | Val_Data |
---|---|---|---|
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|---|---|---|---|---|---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | 98 0D 56 B1 C2 97 75 EE 62 1F B6 71 C8 09 E5 2F B8 DC 1C 5D 4E 40 FF CA 46 7D 9A | 63 F6 AB D7 6D 49 E2 D4 55 3A A3 F6 E6 78 43 9D CE 67 6D 46 87 7A 21 A5 B0 00 3 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | 6E 6C D6 F4 54 E7 82 07 FF 78 4F 81 5F 07 4D C4 8C 97 A6 2D DF 85 75 A7 41 5C 9A | C6 21 9C 42 95 46 9C 9A 12 A7 EF 57 79 98 1A 66 C8 E0 90 FC 26 F0 0C A4 BE 04 5 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | 55 5F D9 7A C9 02 34 7D 3A 9E 62 35 45 71 1D 05 CA C1 D7 3B 54 A6 96 4F 9D 18 0D | BF 0D 21 42 1C BF 87 E2 0A 24 01 80 3A 05 B0 97 AA A4 67 EE 87 6E 31 DD 85 B1 9 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | ED 03 53 B8 A0 81 22 21 1C AA AC FE 74 AE 9F 15 FB 90 1E F0 B7 95 2C 8C 2C C2 2F | F6 74 8A 71 E0 0D 99 CD 24 27 A1 75 EC 4B 96 4B 22 6B 1A 87 F0 9D 0A 0E CD FA 2 |
modified | HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation | ProgramCount | 0x00000002 | 0x00000001 |
DNS | DNS Response |
---|---|
multiserviciosblackcat.co.cc | Standard query response A 72.14.253.104 |
multiserviciosblackcat.co.cc | Standard query response A 209.51.159.34 |
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
239.255.255.250 | 239.255.255.250:1900 | * | --blank-- | 0x11 |
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
17 | 2 | 0 | 350 | 0 |
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
1900 | 17 | 2 | 0 | 350 | 0 |
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
17:17:15 | 2010-08-17 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
22:40:48 | 2010-08-17 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
09:36:57 | 2010-08-18 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
03:11:17 | 2010-08-19 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|