Submission Summary:

 

Technical Details:

 

File System Modifications

# Filename(s) File Size File Hash
1 %Temp%\TCPZ_20090108\Files.EN.txt 1,309 bytes MD5: 0xCCA571CEF868B4BA4AFE9E6AF349F8F5
SHA-1: 0x2556C76FFA3C500BBC0715ADC7E57B1093095F2C
2 %Temp%\TCPZ_20090108\files.txt 1,906 bytes MD5: 0xBC36F2397FE247A2E9AEBD9C3EE4797D
SHA-1: 0xD43C79948939AAF16128D034740993062F9D9FC6
3 %Temp%\TCPZ_20090108\ReadMe.en.txt 11,662 bytes MD5: 0xE5F9BD11C7728BD5D585F27E2CDC4246
SHA-1: 0x1B990413C438F64959F252CAC42BC316F41DAF81
4 %Temp%\TCPZ_20090108\ReadMe.txt 7,674 bytes MD5: 0x9CF9A178334B49831F7C15D11BACB230
SHA-1: 0x75E4378301BBD6868F033C2AB95FA09721CEEA5B
5 %Temp%\TCPZ_20090108\TCPZ.exe 589,160 bytes MD5: 0x4D2BEBAD8EF7818035A263281C254C28
SHA-1: 0xD6A69EADA79D3157EE42703AB796FFB8E1127BC2
6 %Temp%\TCPZ_20090108\TCPZ64.exe 790,376 bytes MD5: 0x58804F544D9E46C37E827568D5C35E86
SHA-1: 0x929E83C4E450B346DF2D3FBF0BFBAF9C19D8591A
7 %Temp%\TCPZ_20090108\VirtualDevice\Driver\tcpz-x64d.sys 15,208 bytes MD5: 0x8F2B629FB8DB0B69B996B09D58BCD419
SHA-1: 0x863E86FE7FDBBAFD185C3B31DCF1CD98D5CC11AD
8 %Temp%\TCPZ_20090108\VirtualDevice\Driver\tcpz-x86d.sys 12,136 bytes MD5: 0x1D1E2AC3195B7D199337557CA9AB84CF
SHA-1: 0x1AC8D3DB5647B3BCBA39C3B48A647207D4651BE7
9 %Temp%\TCPZ_20090108\VirtualDevice\Driver\tcpz.cat 5,743 bytes MD5: 0xCED67F4A8A97B3F70D615408EC6B61D5
SHA-1: 0xB7B980141EBCFC60AEFAD7954C04794D96C7E89F
10 %Temp%\TCPZ_20090108\VirtualDevice\Driver\tcpz.inf 3,874 bytes MD5: 0xD58EA370AC78C33BA61D1E78247E418A
SHA-1: 0x05FF09EC32EFD774B0811AFAA61190FD98C80150
11 %Temp%\TCPZ_20090108\VirtualDevice\Driver\TcpzPropPage-x64.DLL 29,544 bytes MD5: 0x15188BA547CB20F803C7609F6B9A16CE
SHA-1: 0x530140085B2C2F7BF7C6AA58CBF5FA0B79682A9C
12 %Temp%\TCPZ_20090108\VirtualDevice\Driver\TcpzPropPage-x86.DLL 25,960 bytes MD5: 0xDB843B5689C0A89BB2605073DA0127B1
SHA-1: 0x2560FD1CF0A31E8B5347E52E2C01BADCC4019734
13 %Temp%\TCPZ_20090108\VirtualDevice\readme.EN.txt 3,433 bytes MD5: 0x2FC255EAEA737ABE9A08D0781FC5EDB2
SHA-1: 0x5AC7479CB27304FCA84342AC108B0AAF9C89340D
14 %Temp%\TCPZ_20090108\VirtualDevice\readme.txt 3,132 bytes MD5: 0x8262A90777DE5CA59F5E72180C40CF50
SHA-1: 0x4A614D266CCDCEA33AEEC67BC33DE6B43AB79DB0
15 %Temp%\TCPZ_20090108\VirtualDevice\RemoveWatermarkX64.exe 11,264 bytes MD5: 0x45265B9ACB1185375D25C31A450DF367
SHA-1: 0xF5A03F00B8DECA799E29A1C08CF440C0DBBE40A4
16 %Temp%\TCPZ_20090108\VirtualDevice\TCPZ_Setup-x64.exe 32,616 bytes MD5: 0xDE8112218BBA2334FCBC5C1D400CB005
SHA-1: 0xE497BEEC9E63959E2CDDE33E2554A81BE53B0981
17 %Temp%\TCPZ_20090108\VirtualDevice\TCPZ_Setup-x86.exe 25,960 bytes MD5: 0x61D65D55CF363ECDA9976236DC8A9DBD
SHA-1: 0xB21FF49CF29CF11975360FBBF1587D8E1D40FEF4
18 [file and pathname of the sample #1] 664,888 bytes MD5: 0x4344EB2221D8684512F32DF607035CC8
SHA-1: 0xE9E1A4292016AFA2BEEDF84FC1B272D107DAB781

 

Memory Modifications

Process Name | Process Filename | Main Module Size
TCPZ_Setup-x86.exe | %Temp%\TCPZ_20090108\VirtualDevice\TCPZ_Setup-x86.exe | 32,768 bytes
TCPZ.exe | %Temp%\TCPZ_20090108\TCPZ.exe | 602,112 bytes

 

Other details

China

 

 

All content ("Information") contained in this report is the copyrighted work of Threat Expert Ltd and its associated companies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.


Copyright © 2009 ThreatExpert. All rights reserved.