File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
f0312ec19187d872fadeca68db88745b | c6d5da74cbdc83d3f792a8b70816be5e1256e9c6 | 57b65bc0583fa69a17b7644018d0ff237f346e2937e449a0e9d72cb199f27a82 | 6144:EcWMJJhqryYP/daqlzV4GA3Fkk7rzPDCykQSt4lHl+BKg5ZIZULk:EczJJhqrVPldVzA3FB7fPD | 279471 |
File Name |
---|
derwartgroup.exe |
Snort Class | Snort Alert | Count |
---|---|---|
N/A | No snort alerts generated | 0 |
AV Alert | AV Vendor |
---|---|
N/A | Symantec |
Generic | McAfee |
Trojan.Win32.FakeTest.c | Kaspersky |
Artemis!F0312EC19187 | McAfee |
Path | Folder Name |
---|---|
c:/Documents and Settings/dmc73144 | test |
Action | Path | File Name |
---|---|---|
Action | Path |
---|---|
Action | Path | Val_Name | Val_Data |
---|---|---|---|
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|---|---|---|---|---|---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | 7A 52 07 FB E7 69 CE 3E 50 B7 C1 F6 E5 B9 C9 4F 28 F2 1F 09 04 39 4B 84 28 E9 8A | 57 42 D7 41 AC 83 75 EB 1B 3C A3 4C F9 A2 F6 1D D5 48 CD 41 09 C4 F7 78 F6 78 5 |
DNS | DNS Response |
---|---|
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|