Overall Threat Level
SD Threat Level
AV Threat Level
TE Threat Level

Other information

File Name:	SharpReader0960.zip
File Size:	795.13 KB

Submission Summary:

• Submission details:
• Submission received: 04 February 2008 14:24:45 PM
• Processing time: 3 min 27 sec
• Submitted sample:
• File MD5: CD3DC0C2C49D8D2967D9937E5838E1D2
• Filesize: 814,211 bytes
• Alias:

 

Technical Details:

 

File System Modifications

• The following file was created in the system:

#	Filename(s)	File Size	File MD5	Alias
1	%Temp%\AxInterop.SHDocVw.dll	49,152 bytes	022718E6D049865DB703DDDC82077911	(not available)
2	%Temp%\blogExtension.dll	3,584 bytes	4853982811710E89F6DE141E138F6CF1	(not available)
3	%Temp%\blogThis.dll	3,584 bytes	39898F1372BAB7B6B77885CD4870C760	(not available)
4	%Temp%\CustomComponents.dll	20,480 bytes	D2486168D1C04B5FA6420EA3B441B737	(not available)
5	%Temp%\CustomComponents.pdb	17,920 bytes	1C58D0965719C4E57AA013A49FF2C4E2	(not available)
6	%Temp%\genghis-license.txt	1,010 bytes	DDB0BC20EDA8D5679B76E450E650853E	(not available)
7	%Temp%\Genghis.dll	335,872 bytes	95B321D3E75B6EF9B3E833CA3DB0F23C	(not available)
8	%Temp%\ICSharpCode.SharpZipLib.dll	114,688 bytes	F4107481E72E107B0D69C39B73CD4449	(not available)
9	%Temp%\Interop.SHDocVw.dll	126,976 bytes	9BAB85E85D81C1A3D1D56F5704B2AD6E	(not available)
10	%Temp%\lamarvin.windows.forms.autocomplete.dll	69,632 bytes	A86055B5ECECD0B6942D5A2FCBE65B44	(not available)
11	%Temp%\LaMarvin.Windows.Forms.AutoComplete.Interop.dll	7,168 bytes	F91A5D5FC00132F864ED867E592F7694	(not available)
12	%Temp%\lamarvin.windows.forms.autocomplete.xml	17,613 bytes	717AD7BC78E2B97E8A2A6ECDDD188B34	(not available)
13	%Temp%\log4net-license.txt	2,868 bytes	B467453087E2E46042DCFA0592E7D88C	(not available)
14	%Temp%\log4net.dll	196,608 bytes	67BA6F7D2EE62B177768ED642E6AD50D	(not available)
15	%Temp%\partial.mshtml.DLL	102,400 bytes	8D4A32A2C5A2DA4B4DE08B7AD830D2BB	(not available)
16	%Temp%\plugins\readme.txt	140 bytes	8982E9EAC81397786E93A53AF75ABA9A	(not available)
17	%Temp%\readme.htm	5,401 bytes	3C1FCCAD879A578305384176D4281126	(not available)
18	%Temp%\SharpReader.exe	622,592 bytes	365EE56245ACFBA1D227A5F50FCDAC21	(not available)
19	%Temp%\SharpReader.exe.config	188 bytes	21A360C45A1E152128C46C6880CBB9C1	(not available)
20	%Temp%\SharpReader.exe.log4net	660 bytes	811494E233093BCF5E496AD76C1D7EBC	(not available)
21	%Temp%\SharpReader.exe.manifest	674 bytes	052736BBCD037ACBD587981C61FBBBA0	(not available)
22	%Temp%\SharpReader.pdb	1,142,272 bytes	78D8B14EBB6CBBB9FE288411AE6E0041	(not available)
23	%Temp%\sharpZipLib-license.txt	19,659 bytes	C6E6C82BE4A821F793D671346A88F93F	(not available)
24	[file and pathname of the sample #1]	814,211 bytes	CD3DC0C2C49D8D2967D9937E5838E1D2	(not available)

• Notes:
• %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).

• The following directories were created:
• %Temp%\plugins

 

All content ("Information") contained in this report is the copyrighted work of ThreatExpert Limited and its associated companies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.

The Information is provided on an "as is" basis. ThreatExpert disclaims all warranties, whether express or implied, to the maximum extent permitted by law, including the implied warranties that the Information is merchantable, of satisfactory quality, accurate, fit for a particular purpose or need, or non-infringing, unless such implied warranties are legally incapable of exclusion. Further, ThreatExpert does not warrant or make any representations regarding the use or the results of the use of the Information in terms of their correctness, accuracy, reliability, or otherwise.

Copyright © 2008 ThreatExpert Limited. All rights reserved.