Analysis Date2018-04-23 02:22:15
MD5d4dd1eb8b3059885ac106162002cc0e3
SHA1fb58b5811c02a79f24e7c5aed445d89e24105f63

Static Details:

File typeHTML document, UTF-8 Unicode text, with very long lines
PEhash
AVArcabit (arcavir)Error Scanning File
AVAuthentiumJS/Faceliker.A!Eldorado
AVGrisoft (avg)JS/ClickJack
AVAvira (antivir)HTML/Rce.Gen5
AVAlwil (avast)Clickjack-AH [Trj]
AVAd-AwareJS:Trojan.JS.Likejack.A
AVBitDefenderJS:Trojan.JS.Likejack.A
AVBullGuardJS:Trojan.JS.Likejack.A
AVClamAVNo Virus
AVDr. WebJS.Click.334
AVDr. WebJS.Click.335
AVEmsisoftJS:Trojan.JS.Likejack.A
AVMicroWorld (escan)JS:Trojan.JS.Likejack.A[ZP]
AVCA (E-Trust Ino)JS:Trojan.JS.Likejack.A
AVFortinetJS/Moat.390F47FB!tr
AVFrisk (f-prot)No Virus
AVF-SecureJS:Trojan.JS.Likejack.A
AVIkarusTrojan-Clicker.JS.Faceliker
AVK7Error Scanning File
AVKasperskyNo Virus
AVMalwareBytesError Scanning File
AVMcafeeJS/Faceliker.h
AVMicrosoft Security EssentialsTrojanClicker:JS/Faceliker.A
AVMicrosoft Security EssentialsTrojanClicker:JS/Faceliker.H
AVNANOTrojan.Script.AgentClick.dchycs
AVNANOTrojan.Script.FbClickJack.eqtvka
AVEset (nod32)JS/TrojanClicker.Agent.NGC
AVPadvishNo Virus
AVCAT (quickheal)JS.Faceliker.NC
AVRisingTrojan.Script.JS.Likejack.b
AV360 Safetrojan.js.likejack.a
AVSUPERAntiSpywareNo Virus
AVSymantecNo Virus
AVTrend MicroNo Virus
AVTwisterNo Virus
AVVirusBlokAda (vba32)No Virus
AVWindows DefenderTrojanClicker:JS/Faceliker.A
AVWindows DefenderTrojanClicker:JS/Faceliker.H
AVZillya!No Virus

Runtime Details:

Screenshot

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Program Files\Internet Explorer\iexplore.exe

Creates FileC:\Windows\Globalization\Sorting\sortdefault.nls
Creates FileC:\Windows\System32\oleaccrc.dll
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData\Local
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData\Roaming
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\Cookies
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData\Local
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\History
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
Creates File\??\Nsi
Creates FileC:\Program Files\Java\jre6\bin\jp2ssv.dll
Creates FileC:\Program Files\Java\jre6\bin\jp2ssv.dll
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\Favorites
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData\Local
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\
Creates FileC:\Users\Phil\AppData\Local\
Creates FileC:\Users\Phil\AppData\Local\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\
Creates FileC:\Users\Phil\
Creates FileC:\Users\
Creates FileC:\Users\
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData\Roaming
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\Cookies
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\Cookies\Low\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\Cookies\Low\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\Cookies\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\Cookies\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\
Creates FileC:\Users\Phil\AppData\Roaming\
Creates FileC:\Users\Phil\AppData\Roaming\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\
Creates FileC:\Users\Phil\
Creates FileC:\Users\
Creates FileC:\Users\
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\Cookies\Low
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData\Local
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\History
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\History\Low\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\History\Low\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\History\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\History\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\
Creates FileC:\Users\Phil\AppData\Local\
Creates FileC:\Users\Phil\AppData\Local\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\
Creates FileC:\Users\Phil\
Creates FileC:\Users\
Creates FileC:\Users\
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\History\Low
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\Favorites
Creates FileC:\Users\Phil\Favorites\
Creates FileC:\Users\Phil\Favorites\
Creates FileC:\Users\Phil\
Creates FileC:\Users\Phil\
Creates FileC:\Users\
Creates FileC:\Users\
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\Favorites
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData\Local
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\
Creates FileC:\Users\Phil\AppData\Local\
Creates FileC:\Users\Phil\AppData\Local\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\
Creates FileC:\Users\Phil\
Creates FileC:\Users\
Creates FileC:\Users\
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\PrivacIE
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\PrivacIE\Low\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\PrivacIE\Low\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\PrivacIE\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\PrivacIE\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\
Creates FileC:\Users\Phil\AppData\Roaming\
Creates FileC:\Users\Phil\AppData\Roaming\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\
Creates FileC:\Users\Phil\
Creates FileC:\Users\
Creates FileC:\Users\
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IECompatCache
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IECompatCache\Low\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IECompatCache\Low\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IECompatCache\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IECompatCache\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\
Creates FileC:\Users\Phil\AppData\Roaming\
Creates FileC:\Users\Phil\AppData\Roaming\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\
Creates FileC:\Users\Phil\
Creates FileC:\Users\
Creates FileC:\Users\
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IECompatCache\Low
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IETldCache
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IETldCache\Low\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IETldCache\Low\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IETldCache\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IETldCache\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\
Creates FileC:\Users\Phil\AppData\Roaming\
Creates FileC:\Users\Phil\AppData\Roaming\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\
Creates FileC:\Users\Phil\
Creates FileC:\Users\
Creates FileC:\Users\
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\IETldCache\Low
Creates FileC:\Users\Phil\AppData\Local\Temp\Low\
Creates FileC:\Users\Phil\AppData\Local\Temp\Low\
Creates FileC:\Users\Phil\AppData\Local\Temp\
Creates FileC:\Users\Phil\AppData\Local\Temp\
Creates FileC:\Users\Phil\AppData\Local\
Creates FileC:\Users\Phil\AppData\Local\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\AppData\
Creates FileC:\Users\Phil\
Creates FileC:\Users\Phil\
Creates FileC:\Users\
Creates FileC:\Users\
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\AppData\Local\Temp\Low
Creates File\Device\Afd\Endpoint
Creates File\Device\Afd\Endpoint
Creates File\Device\RasAcd
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\Favorites
Creates File\??\MountPointManager
Creates FileC:\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Caches
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000001.db
Creates FileC:\Users\desktop.ini
Creates FileC:\Users
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData
Creates FileC:\Users\Phil\AppData\Local
Creates FileC:\Users\Phil\AppData\Local\Temp
Creates FileC:\Windows\System32\url.dll
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{F1AD18C4-4650-11E8-9C9D-5254005DCC33}.dat
Creates FileC:\Windows\Fonts\staticcache.dat
Creates FileC:\Windows\System32\en-US\urlmon.dll.mui
Creates File\??\MountPointManager
Creates FileC:\
Creates FileC:\Users
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\Favorites\desktop.ini
Creates FileC:\Users\Phil\Favorites
Creates FileC:\Users\Phil\Favorites\Links\desktop.ini
Creates FileC:\Users\Phil\AppData\Local\Temp\~DF176500B0AA35618B.TMP
Creates FileC:\Users\Phil\Favorites\Links\desktop.ini
Creates FileC:\Users\Phil\Favorites\Links
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{F1AD18C5-4650-11E8-9C9D-5254005DCC33}.dat
Creates FileC:\Users\Phil\AppData\Local\Temp\~DF1AA40C6CB416DC44.TMP
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates FileC:\
Creates FileC:\Users\desktop.ini
Creates FileC:\Users
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\Favorites\desktop.ini
Creates FileC:\Users\Phil\Desktop\desktop.ini
Creates FileC:\
Creates FileC:\Users
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\Favorites
Creates FileC:\Users\Phil\Favorites\Links\desktop.ini
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Internet Explorer\frameiconcache.dat
Creates FileC:\Users\Phil\Favorites
Creates FileC:\Users\Phil\Favorites\Links
Creates FileC:\Users\Phil\Favorites\Links
Creates FileC:\Users\Phil\Favorites\Links
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\Favorites
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Feeds
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
Creates FileC:\Windows\System32\ieframe.dll
Creates FileC:\Windows\System32\stdole2.tlb
Creates FileC:\
Creates FileC:\Users\desktop.ini
Creates FileC:\Users
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\Favorites\desktop.ini
Creates FileC:\
Creates FileC:\Users
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\Favorites
Creates FileC:\Users\Phil\Favorites\Links\desktop.ini
Creates FileC:\Users\Phil\Favorites\Links
Creates FileC:\Users\Phil\Favorites\Links\Suggested Sites.url
Creates FileC:\Users\Phil\Favorites\Links\Web Slice Gallery.url
Creates FileC:\Users\Phil\Favorites\Links
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Feeds Cache\index.dat
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Suggested Sites~.feed-ms
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Suggested Sites~.feed-ms
Creates FileC:\Users\Phil\AppData\Local\Temp\~DF27ECFA198CD69797.TMP
Creates FileC:\Users\Phil\AppData\Local\Temp\~DF4D6982CA74171C15.TMP
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Feeds\FeedsStore.feedsdb-ms
Creates FileC:\Users\Phil\AppData\Local\Temp\~DF99D5DD47D62AFD81.TMP
Creates FileC:\Users\Phil\AppData\Local\Temp\~DFAD69DF742C573DEC.TMP
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Feeds\FeedsStore.feedsdb-ms
Creates FileC:\Users\Phil\Favorites\Links
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Web Slice Gallery~.feed-ms
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Web Slice Gallery~.feed-ms
Creates FileC:\Users\Phil\AppData\Local\Temp\~DF15D7A27E5F509A00.TMP
Creates FileC:\Users\Phil\AppData\Local\Temp\~DF4B3CF6607F9FC532.TMP
Creates File\Device\Afd\Endpoint
Creates File\Device\Afd\Endpoint
Creates File\Device\Afd\Endpoint
Creates File\Device\RasAcd
Creates File\Device\Afd\Endpoint
Creates File\Device\Afd\Endpoint
Creates File\Device\Afd\Endpoint

Process
↳ C:\Program Files\Internet Explorer\iexplore.exe

Creates FileC:\Windows\Globalization\Sorting\sortdefault.nls
Creates FileC:\Windows\System32\oleaccrc.dll
Creates File\??\MountPointManager
Creates FileC:\
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Caches
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
Creates FileC:\Windows\System32\rsaenh.dll
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000001.db
Creates FileC:\Users\desktop.ini
Creates FileC:\Users
Creates FileC:\Users\Phil
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates File\??\MountPointManager
Creates FileC:\Users\Phil\Favorites\desktop.ini
Creates FileC:\Users\Phil\Desktop\desktop.ini
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData\Local
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData\Roaming
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\Cookies
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData\Local
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\History
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
Creates FileC:\Windows\Fonts\staticcache.dat
Creates FileC:\Windows\AppPatch\AppPatch64\sysmain.sdb
Creates FileC:\Program Files\Java\jre6\bin\jp2ssv.dll
Creates FileC:\Users\Phil\AppData\Local\Microsoft\Feeds Cache\index.dat
Creates FileC:\Windows\System32\en-US\urlmon.dll.mui
Creates FileC:\Users\Phil\AppData\Local\Temp\fb58b5811c02a79f24e7c5aed445d89e24105f63.html
Creates FileC:\Users\Phil\AppData\Local\Temp\fb58b5811c02a79f24e7c5aed445d89e24105f63.html
Creates FileC:\Users\Phil\AppData\Local\Temp\fb58b5811c02a79f24e7c5aed445d89e24105f63.html
Creates FileC:\Windows\Media\Windows Information Bar.wav
Creates FileC:\Users\Phil\Desktop\wdmaud.drv
Creates FileC:\Windows\System32\wdmaud.drv
Creates FileC:\Users\Phil\Desktop\wdmaud.drv
Creates FileC:\Windows\System32\wdmaud.drv
Creates FileC:\Users\Phil\Desktop\wdmaud.drv
Creates FileC:\Windows\System32\wdmaud.drv
Creates FileC:\Windows\System32\en-US\wdmaud.drv.mui
Creates File\Device\Afd\Endpoint
Creates FileC:\Users\Phil\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\9A227620A01E38BA2D579C13EF7055715160E919
Creates FileC:\Windows\System32\en-US\MMDevAPI.DLL.mui
Creates File\??\Nsi
Creates FileC:\Users\Phil\Desktop\wdmaud.drv
Creates FileC:\Windows\System32\wdmaud.drv
Creates File\Device\Afd\Endpoint
Creates File\Device\Afd\Endpoint
Creates File\Device\RasAcd
Creates FileC:\Users\Phil\Desktop\wdmaud.drv
Creates FileC:\Windows\System32\wdmaud.drv
Creates FileC:\Users\Phil\Desktop\wdmaud.drv
Creates FileC:\Windows\System32\wdmaud.drv
Creates FileC:\
Creates FileC:\Users
Creates FileC:\Users\Phil
Creates FileC:\Users\Phil\AppData
Creates FileC:\Users\Phil\AppData\Local
Creates FileC:\Users\Phil\AppData\Local\Temp
Creates FileC:\Users\Phil\AppData\Local\Temp\fb58b5811c02a79f24e7c5aed445d89e24105f63.html
Creates FileC:\Users\Phil\AppData\Local\Temp\fb58b5811c02a79f24e7c5aed445d89e24105f63.html

Network Details:


Raw Pcap
0x00000000 (00000)   47455420 2f6e6373 692e7478 74204854   GET /ncsi.txt HT
0x00000010 (00016)   54502f31 2e310d0a 436f6e6e 65637469   TP/1.1..Connecti
0x00000020 (00032)   6f6e3a20 436c6f73 650d0a55 7365722d   on: Close..User-
0x00000030 (00048)   4167656e 743a204d 6963726f 736f6674   Agent: Microsoft
0x00000040 (00064)   204e4353 490d0a48 6f73743a 20777777    NCSI..Host: www
0x00000050 (00080)   2e6d7366 746e6373 692e636f 6d0d0a0d   .msftncsi.com...
0x00000060 (00096)   0a                                    .

0x00000000 (00000)   47455420 2f6e6373 692e7478 74204854   GET /ncsi.txt HT
0x00000010 (00016)   54502f31 2e310d0a 436f6e6e 65637469   TP/1.1..Connecti
0x00000020 (00032)   6f6e3a20 436c6f73 650d0a55 7365722d   on: Close..User-
0x00000030 (00048)   4167656e 743a204d 6963726f 736f6674   Agent: Microsoft
0x00000040 (00064)   204e4353 490d0a48 6f73743a 20777777    NCSI..Host: www
0x00000050 (00080)   2e6d7366 746e6373 692e636f 6d0d0a0d   .msftncsi.com...
0x00000060 (00096)   0a                                    .


Strings