File MD5Sum | SHA1SUM | SHA256SUM | FUZZY HASH | File Size |
---|---|---|---|---|
f69878b35bf95788a1b5d495fe8376a0 | 2b6cad48e2b7ca37ac4a2697bc871b706b931853 | de7d3bdbea57ba506d76c0abddded13c1ef962c00b170fd3e19f3eae2f165c91 | 6144:u8U2qy6rRZb7jxGYnjXxO/0/VkHh11hnxI7Rs:wzy6rRxE0Oc6dhnxaS | 269235 |
File Name |
---|
Guests.exe |
Snort Class | Snort Alert | Count |
---|---|---|
N/A | No snort alerts generated | 0 |
AV Alert | AV Vendor |
---|---|
Suspicious.Cloud.5 | Symantec |
N/A | McAfee |
Trojan.Win32.VkHost.dxf | Kaspersky |
Path | Folder Name |
---|
Action | Path | File Name |
---|
Action | Path |
---|
Action | Path | Val_Name | Val_Data |
---|
Action | Path | Val_Name | Val_Type | Mod_Val_Type | Val_Data | Mod_Val_Data |
---|
Action | Path | Val_Name | Val_Data | Mod_Val_Data |
---|---|---|---|---|
modified | HKLM/SOFTWARE/Microsoft/Cryptography/RNG | Seed | FD 13 8C EB 76 CF AD EC 01 5A E4 2F 6B 0C 00 D6 20 AD C0 7C 04 6A 6E 68 5B 8D FD | 8A B2 DC 02 21 33 F7 D9 91 79 B7 1D 64 DA 15 E1 3A 61 E2 17 B0 F1 8B 2A DE 0D 8 |
DNS | DNS Response |
---|
DstIP | HTTP_HOST | HTTP_REQUEST_URI | HTTP_USER_AGENT | PROTOCOL |
---|---|---|---|---|
239.255.255.250 | 239.255.255.250:1900 | * | --blank-- | 0x11 |
PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|
17 | 2 | 0 | 350 | 0 |
DPORT | PROTOCOL | SRC_PKTS | DST_PKTS | SRC_BYTES | DST_BYTES |
---|---|---|---|---|---|
1900 | 17 | 2 | 0 | 350 | 0 |
Time | Date | Protocol | SrcIP | DstIP | Dir | Flags | Sport | Dport | Pkts | Bytes |
---|---|---|---|---|---|---|---|---|---|---|
15:22:55 | 2011-07-01 | 17 | 10.10.10.7 | 239.255.255.250 | -> | e | 8 | 1900 | 2 | 350 |
Packer Name |
---|
Honey Trap Log File Location |
---|
PTFB Log File Location |
---|