| Visit ThreatExpert web site | | | Close Report |
NOTICE: The content shown in the above window is captured automatically and is not controlled or endorsed by ThreatExpert.
Please contact us on this link should any material be offensive or inappropriate and we will ensure any such content is blocked from future viewers of the report.
 | File System Modifications |
| # | Filename(s) | File Size | File Hash | Alias |
| 1 | %Temp%\I1325608922\InstallerData\IAClasses.zip | 1,885,696 bytes | MD5: 0x9DA496E06D0FDE8668AB61F2F577E0DE SHA-1: 0x45E6419A5A3336D7DC52FD70802B55F24F169173 |
(not available) |
| 2 | %Temp%\I1325608922\InstallerData\Installer.zip | 1,109,148 bytes | MD5: 0x9C739A3C0A7C5C3E71B77D582BB28994 SHA-1: 0x5257BD79A84D350827B14232856675CABFC30067 |
(not available) |
| 3 | %Temp%\I1325608922\InstallerData\laxmanifest.txt | 828 bytes | MD5: 0xDE7349BBC1DB71469122D156EBAD9ABC SHA-1: 0x544FD5CF00D2CB84FED9B823F9E5734CC16C15D9 |
(not available) |
| 4 | %Temp%\I1325608922\InstallerData\uninstallmanifest.txt | 25,129 bytes | MD5: 0x199C33B6D54CEEEC4574A6FFA8B6BB4E SHA-1: 0x7FC5EC3B78512F80E6E2CEFD7EEA4EE727D9E273 |
(not available) |
| 5 | %Temp%\I1325608922\sea_loc | 33 bytes | MD5: 0x19DF049DD9121D3BE35F0B8B0A62B7D8 SHA-1: 0xD4722C4E74D2E1C4687B5BAF2771864B9C58C05C |
(not available) |
| 6 | %Temp%\I1325608922\Windows\Persona_JA11.exe | 319,488 bytes | MD5: 0x99FE6684ABAAB6536DC61B969B6FD065 SHA-1: 0x528AAAE4E060A0C16725A8C4F46D74F313F7B2B3 |
(not available) |
| 7 | %Temp%\I1325608922\Windows\Persona_JA11.lax | 1,017 bytes | MD5: 0xDF3F916805AE837D745ABB51ECD511E3 SHA-1: 0x551D000098FCBE79EC5A62BC405902CFCD4F6C71 |
(not available) |
| 8 |
%Temp%\I1325608922\Windows\resource\iawin32.dll
|
57,344 bytes | MD5: 0xD80F56AC71C19710B7D722E92E686C96 SHA-1: 0xBA4943EAAF728A3245AB679158F9F2130C8AB34B |
(not available) |
| 9 | %Temp%\I1325608922\Windows\resource\jdglue.zip | 4,478 bytes | MD5: 0xDE9BF92388128A4E1C9C52C40766396D SHA-1: 0x7ED4495AEC461442DAB30BE4AD5A0FA59881C3BF |
(not available) |
| 10 |
%Temp%\I1325608922\Windows\resource\remove.exe
|
40,960 bytes | MD5: 0x16468DA66430E486D8A3D1F7223328E4 SHA-1: 0x5B816913632B416334B7517964A15D5D1DBD043F |
(not available) |
| 11 |
%Temp%\I1325608922\Windows\resource\ZGWin32LaunchHelper.exe
|
45,224 bytes | MD5: 0x3B169826081AA0B92BF122454F59DE05 SHA-1: 0x89F61544053E08C0B7C28F25D471098A6D9B3D6F |
(not available) |
| 12 | [file and pathname of the sample #1] | 1,852,132 bytes | MD5: 0x2EE215445405F7D3F968970D01DB0FD9 SHA-1: 0x85A79CE1CC930FC3F829436651DE058EF75864E9 |
packed with Shrinker [Kaspersky Lab] |
 | Memory Modifications |
| Process Name | Process Filename | Main Module Size |
| Persona_JA11.exe | %Temp%\I1325608922\Windows\Persona_JA11.exe | 348,160 bytes |
All content ("Information") contained in this report is the copyrighted work of Threat Expert Ltd and its associated companies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.
The Information is provided on an "as is" basis. ThreatExpert disclaims all warranties, whether express or implied, to the maximum extent permitted by law, including the implied warranties that the Information is merchantable, of satisfactory quality, accurate, fit for a particular purpose or need, or non-infringing, unless such implied warranties are legally incapable of exclusion. Further, ThreatExpert does not warrant or make any representations regarding the use or the results of the use of the Information in terms of their correctness, accuracy, reliability, or otherwise.
Copyright © 2013 ThreatExpert. All rights reserved.