Trojan.Agent.PE5, TR/Kazy.58739 Trojan Horses | Joachim De Zutter
29th of February 2012





Trojan.Agent.PE5 characteristics:
Executes from the cache
Small executable
Window not visible
Filename: 87.TMP
Filesize: 48640
MD5: 8fc7f54d7e9b85830448df6149c7e879
SHA1: b454614de1fcd44cd31105a4c6114391d5c912be
SHA256: 8df4f22ed7a4e9d7f932eb7ef8ee1dfb2d397c85954c0027dd691e842b8e92fe
87.TMP performs a DNS query for bekqyma.eu, which resolved to quickly varying IP addresses (fast flux) (over 1000 unique IP addresses were witnessed in less than a day bigger list here):
108.167.112.229
108.87.39.159
109.105.10.128
109.105.27.254
109.110.137.83
109.110.204.224
109.110.216.22
109.122.114.37
109.122.8.105
109.160.26.73
109.162.21.83
109.173.228.151
109.197.100.44
109.197.43.130
109.197.65.206
109.207.108.126
109.207.154.249
109.225.69.164
109.229.185.56
109.230.145.43
109.232.24.133
109.64.128.231
109.67.40.180
109.86.151.233
109.86.57.202
109.95.25.187
110.9.150.29
111.249.195.134
112.200.112.173
112.200.65.41
112.205.154.223
112.205.77.153
112.210.177.166
113.10.77.23
113.193.56.87
113.52.217.165
114.30.14.176
115.186.124.16
115.186.99.17
115.22.167.234
115.86.126.7
115.86.151.30
115.86.9.41
117.198.15.66
117.20.186.126
117.214.40.20
117.53.66.202
118.174.28.6
118.217.199.228
119.18.147.103
119.206.107.40
121.129.15.200
121.135.191.196
121.156.200.45
121.56.53.64
122.102.138.104
123.194.14.156
123.195.50.22
123.202.69.63
1.23.226.255
123.238.3.43
123.238.74.15
123.248.158.85
123.248.171.158
124.125.150.137
124.125.90.132
124.216.11.207
124.50.76.154
124.6.3.225
12.68.92.123
141.196.117.1
144.122.229.124
14.42.193.177
145.236.8.84
148.228.181.41
149.156.166.141
149.157.20.45
151.100.161.19
151.54.157.174
153.19.214.137
159.224.20.216
160.114.107.130
161.111.163.120
163.117.28.82
165.124.106.88
174.48.134.78
174.97.170.42
175.202.216.213
175.205.116.57
175.214.11.90
176.101.161.207
176.106.107.228
176.106.109.213
176.222.186.234
176.240.140.50
176.240.235.81
178.148.5.227
178.148.76.225
178.149.198.192
178.156.150.49
178.157.55.114
178.165.69.12
178.172.197.125
178.214.148.32
178.216.26.43
178.233.48.35
178.235.101.172
178.235.177.127
178.235.28.112
178.235.72.198
178.243.223.130
178.252.0.168
178.252.0.239
178.36.106.160
178.36.90.113
178.48.95.144
178.76.40.214
178.84.46.231
178.90.210.155
180.149.216.13
181.132.94.189
181.28.171.23
181.28.208.96
183.179.99.195
183.83.176.143
183.83.190.115
184.56.51.185
184.59.208.135
186.123.29.130
186.136.112.89
186.137.63.218
186.14.25.213
186.144.34.73
186.146.212.124
186.18.159.144
186.19.78.67
186.218.208.98
186.22.204.174
186.23.171.49
186.36.166.203
186.68.243.63
187.185.105.131
188.121.25.179
188.123.193.155
188.125.134.145
188.125.246.43
188.129.234.218
188.140.120.6
188.142.21.168
188.173.102.162
188.173.136.199
188.173.8.177
188.175.162.89
188.230.107.39
188.230.98.25
188.231.181.188
188.237.166.240
188.237.200.39
188.240.45.97
188.240.56.203
188.241.42.9
188.241.8.242
188.254.132.208
188.254.196.172
188.93.203.168
189.14.189.69
189.199.162.69
189.199.178.154
189.220.154.84
189.220.34.95
190.11.111.218
190.112.242.102
190.112.88.162
190.114.149.199
190.1.176.5
190.122.25.235
190.128.73.144
190.141.20.82
190.163.147.71
190.163.152.131
190.163.240.52
190.165.32.120
190.16.8.236
190.17.108.228
190.17.17.251
190.17.193.90
190.174.185.240
190.18.132.85
190.184.108.153
190.186.227.9
190.188.162.66
190.190.139.182
190.190.204.252
190.190.248.215
190.192.253.242
190.192.60.212
190.192.6.219
190.193.246.108
190.193.252.60
190.195.246.53
190.19.76.49
190.200.151.253
190.207.39.42
190.213.111.154
190.220.127.156
190.237.204.246
190.245.151.171
190.245.195.200
190.32.138.3
190.34.96.122
190.46.140.18
190.55.15.116
190.55.221.241
190.6.100.187
190.82.42.160
190.83.185.59
190.8.99.110
190.94.235.255
190.95.192.13
190.97.146.47
193.107.196.5
193.140.120.136
193.140.121.9
193.140.123.145
193.150.45.243
193.198.66.77
193.201.19.145
193.29.16.102
193.34.46.205
194.110.116.252
194.224.84.223
194.63.128.127
195.117.135.109
195.13.171.39
195.150.60.170
195.178.156.82
195.191.163.104
195.215.27.75
195.225.157.33
195.228.233.186
195.43.6.48
196.15.212.77
197.220.156.167
200.120.119.189
200.125.85.159
200.126.232.98
200.127.217.53
200.63.35.105
200.77.200.33
200.8.140.166
200.82.192.115
200.86.140.173
200.86.73.101
201.165.89.61
201.212.87.163
201.215.40.223
201.216.204.67
201.236.226.219
202.143.154.132
202.150.185.178
202.59.136.120
203.205.38.236
203.243.166.218
203.81.212.3
205.211.221.68
211.169.239.208
212.106.160.114
212.106.167.56
212.116.234.54
212.233.165.141
212.50.92.18
213.112.32.41
213.113.50.233
213.133.16.132
213.134.186.149
213.172.75.209
213.181.90.104
213.216.107.117
213.222.172.254
213.231.194.101
213.231.195.77
213.240.207.9
213.240.225.153
213.240.229.136
213.37.202.100
2.135.134.114
213.5.141.68
2.135.26.124
213.65.160.70
213.92.150.163
213.92.156.3
213.92.178.59
217.113.236.140
217.129.161.112
217.144.213.13
217.172.252.172
217.173.187.21
217.216.87.206
217.217.178.213
217.70.55.134
217.70.60.89
217.98.84.94
219.70.51.117
221.124.246.131
24.107.240.221
24.125.103.121
24.129.52.18
24.139.214.91
24.158.220.189
24.158.82.131
24.178.227.8
24.193.37.133
24.232.121.63
24.241.197.181
24.34.15.47
24.7.244.160
24.74.62.88
24.9.10.79
27.2.65.106
27.3.84.23
27.4.166.239
27.4.167.220
31.11.129.244
31.11.241.52
31.131.55.202
31.131.66.141
31.133.38.136
31.134.210.178
31.134.213.63
31.134.215.129
31.14.221.32
31.211.134.218
31.216.189.5
31.216.189.71
31.216.191.83
31.3.89.215
31.41.14.80
31.41.49.58
31.43.20.239
31.45.61.126
31.46.4.32
31.47.22.205
31.6.139.187
31.6.238.70
31.6.98.221
37.19.131.29
37.77.156.174
37.8.197.190
37.8.202.103
37.8.210.248
41.151.103.169
41.151.120.66
41.200.181.64
41.235.15.184
41.59.5.171
41.98.124.74
42.3.148.222
42.3.148.223
42.3.168.226
42.3.169.189
46.102.44.184
46.109.36.171
46.120.104.18
46.121.22.74
46.148.168.232
46.149.149.171
46.186.102.39
46.186.49.51
46.186.6.152
46.195.178.165
46.214.114.19
46.214.24.137
46.214.79.147
46.228.81.213
46.241.57.175
46.249.72.136
46.251.3.78
46.252.209.6
46.29.145.135
46.29.149.184
46.40.82.170
46.49.11.87
46.55.157.109
46.55.77.137
49.204.177.43
59.12.14.77
59.4.242.34
61.0.32.21
61.15.104.9
61.251.192.26
62.121.89.157
62.141.198.82
62.141.202.53
62.141.219.5
62.194.43.54
62.21.109.80
62.21.11.125
62.21.48.22
62.244.151.209
62.248.25.37
62.248.30.143
62.44.114.254
62.45.4.159
62.61.32.153
62.61.47.195
62.61.50.11
62.69.204.6
62.84.48.64
62.84.58.142
62.84.62.201
65.30.23.10
66.189.144.151
66.214.173.240
66.68.14.236
67.167.21.13
67.231.32.209
68.119.57.22
68.204.7.148
68.225.61.251
68.42.28.253
68.60.60.43
68.62.236.208
68.84.30.55
69.134.121.219
69.144.28.14
69.180.252.42
69.249.235.71
69.249.74.67
69.253.181.65
69.46.65.46
70.122.112.93
70.63.134.66
71.237.2.229
71.238.185.177
71.58.224.19
71.65.108.144
71.94.59.110
72.182.28.33
72.182.66.128
72.241.230.242
75.28.99.231
75.64.141.182
75.66.120.196
76.102.32.108
76.102.8.207
76.107.84.171
76.174.5.125
76.183.126.95
76.31.193.99
76.84.247.6
76.91.150.163
77.122.166.93
77.122.185.37
77.122.72.189
77.21.232.69
77.239.27.57
77.252.90.173
77.253.26.136
77.253.7.43
77.254.37.168
77.32.6.32
77.38.168.214
77.45.15.16
77.45.19.164
77.45.23.163
77.46.13.124
77.65.133.144
77.65.99.220
77.87.217.160
77.89.86.225
77.90.113.253
77.90.74.193
77.91.7.179
77.91.8.83
77.95.53.169
78.10.107.196
78.139.8.90
78.142.39.30
78.153.103.0
78.191.181.82
78.230.90.120
78.234.89.211
78.251.74.123
78.28.14.96
78.28.46.187
78.28.53.133
78.28.59.43
78.58.107.161
78.62.124.20
78.83.194.166
78.88.107.201
78.88.107.251
78.88.108.251
78.88.110.66
78.88.119.34
78.88.176.42
78.88.212.212
78.88.214.219
78.88.246.59
78.88.28.174
78.88.35.153
78.88.53.142
78.88.62.202
78.88.6.33
78.88.76.3
78.88.82.67
78.97.209.110
78.97.2.238
78.97.49.89
78.97.52.243
79.108.43.40
79.109.108.104
79.117.171.104
79.118.210.87
79.124.116.91
79.132.12.249
79.139.110.20
79.139.1.120
79.139.68.201
79.139.92.42
79.162.131.46
79.163.112.6
79.163.168.199
79.163.88.129
79.173.11.127
79.173.26.190
79.173.26.252
79.175.198.36
79.185.203.189
79.185.240.167
79.185.89.27
79.189.96.126
79.191.182.201
79.191.192.153
80.48.126.227
80.51.136.181
80.51.21.82
80.54.140.23
80.54.215.127
80.54.249.204
80.54.47.96
80.55.238.18
80.96.30.121
80.98.19.154
80.98.4.51
80.98.88.81
80.99.122.118
81.101.136.178
81.15.207.18
81.15.207.43
81.15.251.115
81.167.148.237
81.190.121.194
81.190.247.200
81.190.247.74
81.190.252.121
81.190.27.195
81.202.230.180
81.210.58.51
81.219.5.160
81.84.112.10
81.88.157.141
81.88.159.229
81.97.25.59
82.115.94.146
82.131.148.154
82.139.40.70
82.139.61.148
82.139.9.248
82.141.176.122
82.141.176.189
82.143.150.159
82.160.222.55
82.160.250.148
82.181.187.172
82.192.36.7
82.200.215.149
82.200.215.151
82.23.138.84
82.249.99.140
82.50.119.242
82.74.173.86
83.12.185.117
83.1.23.81
83.1.33.102
83.1.38.14
83.1.46.140
83.1.50.199
83.156.58.100
83.177.93.35
83.180.241.5
83.1.9.33
83.2.131.213
83.213.235.102
83.2.153.204
83.2.155.42
83.218.96.54
83.22.193.141
83.22.89.189
83.238.182.237
83.238.88.148
83.242.67.207
83.253.175.199
83.255.110.74
83.26.194.163
83.28.155.34
83.29.134.86
83.30.123.159
83.30.99.50
83.3.253.82
83.3.31.22
83.5.197.124
83.5.38.104
83.87.170.233
84.10.157.108
84.10.158.85
84.10.161.249
84.10.166.67
84.10.174.223
84.10.195.122
84.10.201.14
84.10.235.179
84.10.35.26
84.10.53.243
84.121.81.85
84.122.28.25
84.123.82.176
84.205.167.34
84.205.26.150
84.2.129.133
84.237.143.123
84.237.161.166
84.245.203.228
84.252.61.179
84.38.106.193
84.43.159.52
84.43.160.110
85.102.178.59
85.115.122.102
85.121.218.39
85.128.105.170
85.14.81.133
85.14.86.98
85.155.60.35
85.157.149.235
85.186.200.52
85.198.206.98
85.202.216.176
85.202.36.189
85.221.191.45
85.221.221.58
85.222.102.131
85.222.98.191
85.232.135.240
85.232.155.146
85.28.130.166
85.66.49.131
85.66.95.198
85.67.160.6
85.67.188.93
85.67.191.116
85.67.37.174
85.67.92.91
85.84.166.157
85.85.184.64
85.87.139.60
85.87.229.139
86.100.78.47
86.101.22.124
86.101.23.23
86.101.30.104
86.105.216.116
86.105.237.53
86.105.76.193
86.106.53.161
86.123.126.90
86.123.66.251
86.1.254.45
86.63.102.221
86.63.105.19
86.63.108.202
86.63.82.254
87.101.25.175
87.116.231.10
87.116.245.176
87.119.15.134
87.120.208.35
87.199.35.124
87.199.46.134
87.199.6.96
87.204.164.178
87.206.161.151
87.206.182.69
87.206.215.206
87.206.83.140
87.207.138.64
87.207.154.174
87.207.182.113
87.207.213.152
87.207.61.134
87.246.198.161
87.99.113.39
88.132.129.141
88.132.45.164
88.132.63.164
88.147.8.184
88.148.210.211
88.156.122.3
88.156.131.18
88.156.137.116
88.156.153.243
88.156.175.222
88.156.196.73
88.156.215.103
88.156.219.185
88.156.245.234
88.156.53.214
88.156.81.190
88.207.14.130
88.220.101.38
88.220.103.86
88.222.176.59
88.223.42.233
89.102.61.227
89.132.77.85
89.133.105.3
89.133.140.235
89.133.44.125
89.134.216.130
89.134.41.19
89.135.114.193
89.135.146.122
89.135.23.240
89.136.11.40
89.136.90.71
89.137.154.102
89.137.168.241
89.137.169.88
89.148.104.130
89.148.107.213
89.149.86.171
89.151.30.16
89.151.30.65
89.151.31.249
89.151.51.220
89.161.31.48
89.167.89.133
89.17.235.50
89.17.244.37
89.174.13.188
89.174.226.201
89.174.232.27
89.191.167.25
89.200.215.197
89.205.97.192
89.215.156.36
89.215.49.18
89.228.112.72
89.228.119.63
89.228.155.5
89.228.161.60
89.228.230.77
89.228.245.170
89.228.29.40
89.228.31.194
89.228.35.26
89.228.37.186
89.228.72.11
89.228.75.157
89.229.103.18
89.229.113.165
89.229.147.73
89.229.152.28
89.229.158.168
89.229.205.233
89.229.217.115
89.229.244.174
89.229.250.10
89.229.36.29
89.229.40.200
89.229.4.219
89.229.80.243
89.229.91.135
89.230.100.221
89.230.104.254
89.230.143.102
89.230.176.178
89.230.18.249
89.230.194.114
89.230.198.217
89.230.208.211
89.230.231.52
89.230.27.50
89.230.42.75
89.230.51.118
89.230.68.26
89.230.75.200
89.230.9.56
89.231.124.175
89.231.146.15
89.231.149.155
89.231.150.169
89.231.187.217
89.231.69.152
89.238.18.44
89.238.25.205
89.239.69.216
89.239.96.158
89.25.133.148
89.25.149.142
89.25.195.26
89.253.176.139
89.29.144.141
89.32.166.135
89.34.175.184
89.38.204.52
89.41.1.114
89.42.103.72
89.46.179.29
89.47.112.238
89.47.215.101
89.68.180.151
89.68.212.109
89.68.30.71
89.68.73.62
89.69.207.83
89.69.222.133
89.69.4.124
89.72.115.107
89.72.154.151
89.72.204.19
89.72.41.129
89.73.153.144
89.73.185.113
89.73.221.85
89.73.225.75
89.73.26.52
89.73.66.172
89.73.70.230
89.73.84.49
89.73.86.184
89.73.93.181
89.73.98.217
89.74.168.58
89.74.205.38
89.74.62.139
89.74.96.150
89.75.126.125
89.76.180.147
89.76.187.60
89.76.239.96
89.76.31.227
89.76.43.139
89.77.105.63
89.77.125.169
89.77.181.59
89.77.60.223
89.77.85.233
89.78.133.216
89.78.249.35
89.78.255.115
89.78.58.121
89.78.62.41
89.79.156.232
89.79.205.56
89.79.212.227
89.79.236.59
89.79.56.149
89.79.56.176
89.79.72.19
91.117.194.73
91.124.215.53
91.145.148.96
91.145.181.164
91.147.202.182
91.147.205.75
91.150.145.123
91.187.166.119
91.189.140.54
91.189.140.66
91.189.34.22
91.196.49.208
91.196.51.241
91.206.78.199
91.218.158.99
91.233.185.52
91.233.199.118
91.65.88.6
91.82.36.251
92.114.116.47
92.115.205.211
92.242.234.19
92.245.194.199
92.245.67.144
92.245.90.220
92.47.53.79
92.47.77.38
92.87.4.102
93.103.182.217
93.105.107.75
93.105.115.241
93.105.118.44
93.105.143.234
93.105.195.52
93.105.217.155
93.105.238.240
93.105.241.238
93.105.243.186
93.105.48.53
93.105.57.112
93.105.57.245
93.105.93.8
93.105.97.143
93.105.97.175
93.114.2.210
93.114.239.242
93.115.12.10
93.123.98.133
93.125.82.192
93.125.82.225
93.176.198.161
93.176.230.111
93.177.211.162
93.181.136.93
93.89.198.230
93.89.198.236
94.112.27.212
94.155.232.9
94.177.96.225
94.21.211.210
94.230.205.50
94.23.44.42
94.248.164.146
94.251.154.125
94.251.223.53
94.251.238.226
94.54.150.183
94.54.208.149
94.78.161.168
94.78.176.64
95.104.97.240
95.108.68.237
95.133.35.232
95.135.202.96
95.155.101.99
95.158.97.64
95.160.113.222
95.160.125.233
95.160.131.67
95.160.139.186
95.160.156.165
95.160.159.96
95.160.163.41
95.160.186.247
95.160.215.234
95.160.217.225
95.160.228.7
95.160.229.130
95.160.240.92
95.160.47.99
95.160.64.99
95.160.87.63
95.168.56.112
95.178.6.155
95.178.97.110
95.252.54.70
95.39.155.9
95.43.166.202
95.56.147.150
95.57.224.88
95.58.214.43
95.59.35.133
95.59.97.129
95.69.154.65
95.75.234.34
95.85.145.252
95.85.154.16
95.87.64.79
95.91.40.238
96.19.118.136
96.236.73.146
97.90.188.211
98.215.66.207
98.223.73.46
98.226.21.128
98.26.104.228
99.135.245.49
99.250.92.6
...

An HTTP connection was established with 85.87.229.139 to download an executable.

http://www.utrace.de/?query=85.87.229.139
Provider: Euskaltel S.A., Organisation: Euskaltel, Region: Renter (Spain)

For at least one particular IP address, instead of an executable, a page with the following contents was returned:


Alert!
ESET NOD32 Antivirus
Access denied
Details:
Web page: http://...
Comment: Access to the website was blocked by ESET NOD32 Antivirus. The web page is on the list of websites with potentially dangerous contents.

A file named %WINDIR%\Temp\_ex-08.exe was created and executed although it contained an HTTP 502 Bad Gateway status error code instead of executable code.

Filename: _ex-08.exe
Filename: jusched.exe
Filesize: 173
MD5: 2938661ac2fa4ec22a35ab1c6f7942a5
SHA1: aac3a69b66a359dccc27c2bc8f0eba6ef3f1013b
SHA256: ae27033d2d520ce8043780ab972664821fe573d9b71b92a53a9c3072ae754f1a


16 bit MS-DOS Subsystem
C:\WINDOWS\Temp\_ex-08.exe
The NTVDM CPU has encountered an illegal instruction.
CS:06b2 IP:0192 OP:63 65 6e 74 65 Choose 'Close' to terminate the application.

A file named %WINDIR%\Temp\_ex-68.exe was created and executed.
Filename: _ex-68.exe
Filesize: 890368
MD5: f61bb0e99546b6d515c80646f6e133bc
SHA1: cd89dc34992b8296094d3f15ea8cbacea4e04ade
SHA256: 893952b5f2f0001401ec72f68c6b96e0ff972e83bf3f52a6b327a0e14566d844
Contains the "X-Ways Software Technology AG" wide character string.

_ex-68.exe created an HTTP connection with 94.251.238.226.

http://www.utrace.de/?query=94.251.238.226
Provider: Stream Communications sp. z o.o., Organisation: Servers Stream Communications, Region: Czestochowa (Poland)

_ex-68.exe created an HTTP connection with 46.134.216.28.

http://www.utrace.de/?query=46.134.216.28
Provider: PTK-Centertel, Organisation: PTK CENTERTEL DSL data services

_ex-68.exe communicates with SMTP servers to send out mail.

A DNS query was performed for igfowma.eu, which resolved to quickly varying IP addresses (bigger list here) :
108.167.112.229
108.87.39.159
109.107.14.233
109.110.137.83
109.110.204.224
109.122.114.37
109.122.8.105
109.160.26.73
109.173.210.174
109.173.228.151
109.197.100.44
109.197.68.182
109.200.230.11
109.207.108.126
109.207.154.249
109.225.69.164
109.229.185.56
109.58.241.25
109.64.128.231
109.67.40.180
109.86.151.233
109.86.57.202
109.95.176.46
109.95.25.187
110.9.150.29
112.200.112.173
112.200.65.41
112.205.77.153
112.208.77.142
112.210.177.166
113.193.56.87
113.193.85.214
113.52.217.165
115.186.99.17
115.86.126.7
115.86.151.30
116.33.26.214
116.40.250.137
116.73.37.135
117.20.186.126
117.214.40.20
118.174.28.6
119.18.147.103
119.206.107.40
119.46.190.2
121.135.191.196
121.156.200.45
121.177.20.134
121.56.53.64
122.102.138.104
122.34.57.141
123.194.14.156
123.202.69.63
1.23.226.255
123.238.3.43
123.248.158.85
123.248.171.158
124.125.150.137
124.125.90.132
124.216.11.207
124.50.76.154
124.6.3.225
130.204.26.41
130.43.134.145
141.134.195.121
141.196.117.1
144.122.229.124
14.48.108.165
145.236.8.84
146.255.86.37
148.228.75.160
149.156.166.141
149.157.20.45
151.100.161.19
151.54.157.174
153.19.214.137
159.224.20.216
160.114.107.130
161.111.163.120
163.117.28.82
164.15.100.35
165.124.106.88
174.48.134.78
174.97.170.42
175.202.216.213
175.205.116.57
175.214.11.90
176.101.161.207
176.106.109.213
176.222.186.234
176.240.140.50
176.240.235.81
176.57.96.120
176.73.188.197
178.137.153.190
178.148.169.43
178.148.5.227
178.148.76.225
178.149.198.192
178.157.55.114
178.172.197.125
178.216.26.43
178.233.48.35
178.235.101.172
178.235.11.31
178.235.114.167
178.235.146.168
178.235.177.127
178.235.28.112
178.243.223.130
178.252.0.239
178.252.28.141
178.36.177.1
178.36.90.113
178.37.233.4
178.37.66.134
178.37.80.155
178.37.98.159
178.76.40.214
178.84.46.231
178.90.210.155
180.149.216.13
180.230.240.85
181.28.171.23
183.102.220.140
183.130.71.238
183.179.99.195
183.83.176.143
183.83.190.115
183.83.85.4
184.56.51.185
184.59.208.135
186.129.135.235
186.136.112.89
186.137.63.218
186.14.25.213
186.19.78.67
186.218.208.98
186.22.204.174
186.23.227.57
187.2.147.231
188.125.246.43
188.142.21.168
188.173.136.199
188.237.166.240
188.237.200.39
188.240.45.97
188.241.42.9
188.241.8.242
188.254.132.208
188.26.231.21
188.26.243.131
188.93.203.168
189.111.207.147
189.199.162.69
189.199.178.154
190.101.8.61
190.11.111.218
190.112.242.102
190.112.88.162
190.114.149.199
190.1.176.5
190.122.25.235
190.141.58.105
190.163.240.52
190.164.146.148
190.165.32.120
190.16.8.236
190.17.108.228
190.17.186.90
190.17.193.90
190.174.185.240
190.18.132.85
190.184.108.153
190.186.227.9
190.18.79.7
190.190.139.182
190.190.204.252
190.190.248.215
190.192.10.172
190.192.60.212
190.193.246.108
190.19.76.49
190.200.151.253
190.207.39.42
190.213.111.154
190.213.204.245
190.220.127.156
190.244.151.172
190.245.195.200
190.246.216.175
190.32.138.3
190.34.96.122
190.46.140.18
190.47.241.129
190.55.15.116
190.55.221.241
190.6.100.187
190.82.42.160
190.83.185.59
190.8.99.110
190.94.195.208
190.94.235.255
190.95.192.13
193.107.196.5
193.107.199.204
193.140.120.136
193.140.121.9
193.140.123.145
193.198.66.77
193.201.19.145
193.226.253.38
193.29.16.102
193.34.46.205
194.110.116.252
194.224.84.223
194.27.68.123
194.63.128.127
195.117.135.109
195.13.171.39
195.150.60.170
195.178.156.82
195.228.233.186
195.74.57.148
196.15.212.77
196.206.94.148
197.220.156.167
200.120.119.189
200.125.85.159
200.8.2.126
200.86.73.101
201.215.40.223
201.216.204.67
201.236.226.219
202.150.185.178
202.59.136.120
203.205.38.236
203.81.212.3
211.169.239.208
212.106.160.114
212.106.167.56
212.106.28.38
212.116.234.54
212.160.115.47
212.160.231.14
212.233.165.141
212.50.92.18
213.112.32.41
213.113.50.233
213.133.16.132
213.134.185.6
213.134.186.149
213.216.107.117
213.222.172.254
213.231.194.101
213.231.195.77
213.240.207.9
213.240.225.153
213.5.141.68
2.135.26.124
213.65.160.70
213.92.149.65
213.92.156.3
213.92.178.59
213.92.183.140
213.92.184.137
217.113.236.140
217.144.213.13
217.172.252.172
217.173.187.21
217.217.178.213
217.70.55.134
217.70.60.89
217.98.84.94
218.37.71.213
219.70.51.117
219.78.14.55
24.107.240.221
24.125.103.121
24.138.232.148
24.158.220.189
24.158.82.131
24.178.227.8
24.193.37.133
24.232.121.63
24.241.197.181
24.247.210.23
24.34.15.47
24.5.173.217
24.7.244.160
24.9.98.18
27.2.65.106
27.4.166.239
27.4.167.220
31.11.164.113
31.11.241.52
31.131.55.202
31.131.66.141
31.133.38.136
31.134.210.178
31.134.215.129
31.14.221.32
31.211.134.218
31.216.191.83
31.3.89.215
31.41.14.80
31.41.48.207
31.41.49.58
31.43.20.239
31.45.61.126
31.46.4.32
31.47.12.121
31.47.22.205
31.6.139.187
31.6.238.70
31.6.243.18
31.63.198.123
31.6.98.221
37.110.29.154
37.19.131.29
37.77.156.174
37.8.197.190
37.8.197.228
37.8.210.248
41.102.40.176
41.200.181.64
41.235.15.184
41.238.108.158
41.59.5.171
41.97.233.89
41.98.124.74
42.201.227.95
42.201.228.149
42.3.148.222
42.3.148.223
42.3.169.189
46.102.44.184
46.116.240.2
46.120.104.18
46.148.168.232
46.175.237.213
46.186.102.39
46.186.49.51
46.186.6.152
46.195.178.165
46.196.204.118
46.214.114.19
46.214.24.137
46.214.51.146
46.214.79.147
46.228.81.213
46.249.72.136
46.251.3.78
46.252.209.6
46.29.145.135
46.29.149.184
46.40.82.170
46.49.11.87
46.55.157.109
46.55.77.137
49.204.177.43
59.12.14.77
61.0.32.21
61.15.104.9
61.223.102.81
61.251.192.26
62.121.89.157
62.141.198.82
62.141.202.53
62.141.219.5
62.21.48.22
62.244.151.209
62.248.25.37
62.248.30.143
62.44.114.254
62.45.4.159
62.61.32.153
62.61.47.121
62.61.47.195
62.69.204.6
62.84.48.64
62.84.58.142
62.84.62.201
64.53.150.122
65.30.23.10
66.189.144.151
66.214.173.240
66.57.200.97
67.167.21.13
67.167.241.125
67.231.32.209
68.119.57.22
68.185.226.198
68.204.7.148
68.42.28.253
68.55.223.117
68.60.60.43
68.62.236.208
68.84.30.55
69.134.121.219
69.142.33.156
69.144.28.14
69.180.252.42
69.249.74.67
69.253.181.65
69.46.65.46
70.122.112.93
71.235.138.63
71.237.2.229
71.58.224.19
71.65.108.144
71.94.59.110
72.179.165.242
72.182.28.33
72.241.230.242
74.72.156.213
75.28.99.231
75.64.141.182
75.66.120.196
76.102.32.108
76.107.84.171
76.174.5.125
76.183.126.95
76.31.193.99
76.84.247.6
77.122.185.37
77.122.72.189
77.21.232.69
77.239.27.57
77.252.90.173
77.253.26.136
77.254.37.168
77.32.6.32
77.38.168.214
77.45.15.16
77.45.19.164
77.45.23.163
77.46.13.124
77.65.133.144
77.65.99.220
77.78.224.6
77.87.217.160
77.89.86.225
77.90.113.253
77.95.53.169
77.96.10.4
78.10.107.196
78.131.61.153
78.139.8.90
78.142.39.30
78.153.100.13
78.153.103.0
78.191.181.82
78.230.90.120
78.234.89.211
78.251.74.123
78.28.14.96
78.28.30.92
78.28.47.116
78.28.53.133
78.28.58.179
78.28.59.43
78.31.229.112
78.58.107.161
78.62.124.20
78.8.134.215
78.83.194.166
78.88.107.201
78.88.108.251
78.88.110.66
78.88.119.34
78.88.176.42
78.88.212.212
78.88.214.219
78.88.246.59
78.88.28.174
78.88.52.110
78.88.62.202
78.88.6.33
78.88.76.3
78.9.44.9
78.97.14.189
78.97.2.238
78.97.49.89
78.97.72.223
79.108.43.40
79.109.108.104
79.118.210.87
79.124.116.91
79.139.110.20
79.139.1.120
79.139.1.132
79.139.68.201
79.162.131.46
79.163.112.6
79.163.88.129
79.173.12.4
79.173.26.190
79.175.198.36
79.185.203.189
79.189.96.126
79.191.192.153
80.48.126.227
80.51.21.82
80.52.244.174
80.54.140.23
80.54.215.127
80.54.249.204
80.55.238.18
80.96.30.121
80.98.4.51
80.98.88.81
80.99.122.118
81.101.136.178
81.15.207.43
81.15.251.115
81.167.148.237
81.190.163.223
81.190.244.122
81.190.247.200
81.190.247.74
81.190.252.121
81.190.27.195
81.210.58.51
81.219.5.160
81.84.112.10
81.88.157.141
81.88.159.229
82.115.94.146
82.131.148.154
82.139.33.207
82.139.40.174
82.139.60.187
82.139.61.148
82.139.9.248
82.141.176.122
82.141.176.189
82.143.150.159
82.160.250.148
82.192.36.7
82.200.215.134
82.200.215.149
82.200.215.151
82.213.169.2
82.23.138.84
82.249.99.140
82.50.119.242
82.77.208.149
83.11.117.142
83.12.185.117
83.1.33.102
83.1.38.14
83.143.103.18
83.145.174.51
83.1.46.140
83.1.50.199
83.156.58.100
83.180.241.5
83.1.9.33
83.2.131.213
83.213.235.102
83.2.155.42
83.21.78.172
83.22.193.141
83.22.89.189
83.238.182.237
83.238.88.148
83.242.67.207
83.255.110.74
83.26.194.163
83.27.244.26
83.30.123.159
83.30.99.50
83.3.253.82
83.3.31.22
83.4.193.208
83.87.170.233
84.10.143.86
84.10.146.194
84.10.157.108
84.10.158.85
84.10.161.249
84.10.195.122
84.10.235.179
84.10.35.26
84.10.53.243
84.10.78.36
84.121.81.85
84.122.28.25
84.123.82.176
84.205.167.34
84.205.26.150
84.2.129.133
84.224.181.96
84.225.16.175
84.237.161.166
84.245.203.228
84.3.230.156
84.3.62.160
84.38.106.193
84.43.159.52
85.115.122.102
85.121.218.39
85.130.10.147
85.134.207.194
85.14.81.133
85.14.86.98
85.155.224.238
85.155.60.35
85.198.206.98
85.202.36.189
85.221.152.47
85.221.191.45
85.221.221.58
85.222.102.131
85.222.98.191
85.232.135.240
85.232.155.146
85.251.38.1
85.28.130.166
85.66.49.131
85.67.188.93
85.67.92.91
85.84.166.157
85.84.203.93
85.85.184.64
85.85.24.176
85.87.139.60
85.87.98.242
85.89.167.163
86.100.78.47
86.101.23.23
86.101.30.104
86.105.76.193
86.111.96.45
86.1.254.45
86.63.102.221
86.63.105.19
87.101.25.175
87.111.153.148
87.116.222.133
87.116.238.187
87.116.245.176
87.116.247.32
87.119.15.134
87.120.208.35
87.199.35.51
87.199.46.134
87.204.164.178
87.206.103.71
87.206.161.151
87.206.182.69
87.206.215.206
87.206.30.76
87.206.83.140
87.207.138.64
87.207.213.152
87.207.61.134
87.246.198.161
87.99.113.39
88.132.129.141
88.132.45.164
88.132.63.164
88.134.70.63
88.147.8.184
88.148.210.211
88.148.80.151
88.156.118.212
88.156.122.3
88.156.131.18
88.156.137.116
88.156.175.222
88.156.196.73
88.156.215.103
88.156.215.179
88.156.219.185
88.156.245.234
88.156.53.214
88.156.81.190
88.207.14.130
88.207.21.131
88.220.101.38
88.220.103.86
88.222.176.59
88.223.42.233
88.250.222.195
89.102.61.227
89.132.229.46
89.133.105.3
89.133.140.235
89.133.44.125
89.134.216.130
89.134.41.19
89.135.114.193
89.136.11.40
89.137.169.88
89.148.104.130
89.148.107.213
89.148.121.209
89.149.86.171
89.151.30.16
89.151.30.65
89.151.31.249
89.167.89.133
89.167.90.55
89.17.235.50
89.17.244.37
89.174.13.188
89.174.233.21
89.191.167.25
89.200.215.197
89.205.97.192
89.215.156.36
89.215.49.18
89.228.112.72
89.228.142.212
89.228.155.5
89.228.161.60
89.228.241.245
89.228.245.170
89.228.29.40
89.228.31.194
89.228.35.26
89.228.37.186
89.228.55.132
89.228.72.11
89.228.75.157
89.229.147.73
89.229.152.181
89.229.152.28
89.229.158.168
89.229.205.233
89.229.217.115
89.229.244.174
89.229.250.10
89.229.36.29
89.229.40.200
89.229.4.219
89.229.58.208
89.229.80.243
89.230.100.221
89.230.139.30
89.230.176.178
89.230.18.249
89.230.194.114
89.230.198.217
89.230.208.211
89.230.231.52
89.230.27.50
89.230.42.75
89.230.44.234
89.230.51.118
89.230.68.26
89.230.75.200
89.231.124.175
89.231.146.15
89.231.149.155
89.231.150.169
89.231.187.217
89.231.69.152
89.236.227.101
89.238.17.177
89.238.18.44
89.238.25.205
89.239.96.158
89.25.133.148
89.25.149.142
89.25.195.26
89.29.144.141
89.32.166.135
89.34.175.184
89.38.204.52
89.41.1.114
89.46.179.29
89.47.112.238
89.47.215.101
89.68.180.151
89.68.73.62
89.69.207.83
89.69.4.124
89.72.115.107
89.72.154.151
89.72.41.129
89.73.10.76
89.73.153.144
89.73.155.192
89.73.185.113
89.73.221.85
89.73.225.75
89.73.255.4
89.73.26.52
89.73.66.172
89.73.70.230
89.73.84.49
89.73.86.184
89.73.93.181
89.73.98.217
89.74.168.58
89.74.205.38
89.74.62.139
89.74.96.150
89.75.126.125
89.76.120.50
89.76.180.147
89.76.187.60
89.76.239.96
89.76.31.227
89.76.43.139
89.77.181.59
89.77.60.223
89.77.82.41
89.77.85.233
89.78.133.216
89.78.249.35
89.78.255.115
89.78.58.121
89.78.62.41
89.79.156.232
89.79.198.0
89.79.205.56
89.79.212.227
89.79.56.176
89.79.72.19
90.146.87.234
91.124.215.53
91.145.148.96
91.145.185.96
91.147.205.75
91.150.145.123
91.189.140.54
91.189.140.66
91.196.49.208
91.196.51.241
91.206.78.199
91.218.158.99
91.233.185.52
91.233.199.118
91.82.36.251
92.112.103.28
92.114.116.47
92.241.136.209
92.245.194.199
92.245.67.144
92.245.90.220
92.36.208.0
92.55.203.15
93.103.182.217
93.105.107.75
93.105.109.229
93.105.118.44
93.105.132.191
93.105.143.234
93.105.154.55
93.105.217.155
93.105.238.240
93.105.243.186
93.105.3.240
93.105.48.53
93.105.57.245
93.105.93.8
93.105.97.143
93.114.2.210
93.114.239.242
93.115.12.10
93.116.15.195
93.125.82.192
93.176.198.161
93.177.211.162
93.181.136.93
93.89.198.236
94.112.27.212
94.155.232.9
94.21.211.210
94.230.205.50
94.23.44.42
94.248.164.146
94.251.238.226
94.54.150.183
94.54.208.149
94.78.161.168
95.104.97.240
95.108.68.237
95.133.35.232
95.135.202.96
95.158.97.64
95.160.113.222
95.160.125.233
95.160.131.67
95.160.139.186
95.160.159.96
95.160.163.41
95.160.186.247
95.160.199.206
95.160.215.234
95.160.217.225
95.160.225.179
95.160.228.7
95.160.229.130
95.160.240.92
95.160.246.4
95.160.47.99
95.168.56.112
95.171.218.189
95.178.6.155
95.178.97.110
95.252.54.70
95.39.155.9
95.43.166.202
95.56.147.150
95.57.224.88
95.58.214.43
95.59.35.133
95.59.97.129
95.69.160.96
95.75.234.34
95.77.174.148
95.77.190.197
95.85.145.252
95.91.48.4
96.19.118.136
97.90.188.211
98.148.147.37
98.223.73.46
98.226.21.128
98.26.104.228
99.135.245.49
99.250.92.6
...
http://www.utrace.de/?query=68.185.226.198
Provider: Charter Communications, Region: Hammond (United States)

http://www.utrace.de/?query=78.131.61.153
Provider: DIGI, Organisation: Wekerle Docsis, Region: Budapest (Hungary)
Filename: rtce001.exe
Filesize: 886784
MD5: 0104d24fc6c1f90dc61c6d7fd9ba493a
SHA1: c420e7effa74d7fdd565f2dc6c34c773952b68bb
SHA256: adba0717e918d83a4298e46b47e6fbe248afcb0e8f7c5fde0cc5aa321864188f

Filename: rtce001.exe
Filesize: 893952
MD5: 011023c7686a1d3471e7df6eafcd8674
SHA1: 904d109eb33b88f8c05bdb2b50937150bdcaf6f4
SHA256: c8c9de6cefba8c5a7afb24a3914fc9951af6309271802549c5b507d742d79692

Filename: rtce001.exe
Filesize: 894976
MD5: 1001db70e99f02c8b833828d822946da
SHA1: 117742e5ed3e717c698eb418ffd3750b07c3bad6
SHA256: 60decfdacb7cc714fb054b09962f898b9cb92adf1d8875ad0f054c012d76100e

Filename: rtce001.exe
Filesize: 891392
MD5: 11be08329598740420ce24d6bfb2a722
SHA1: 2c14590cbb997b4bfe5418571b02d1edbd57d7e1
SHA256: 87a68d6719a16ee6047c859b0f6946889c4a2cadca51dda1e3759885e830a932

Filename: rtce001.exe
Filesize: 889856
MD5: 17c263fbb096b85d79e719fec0865216
SHA1: 7284844bd3581cc09350cfb526d5ed884d03777d
SHA256: c33e8aea21f91d175036220f28581453f05878279926fa429b5885ec95aa79b8

Filename: rtce001.exe
Filesize: 890880
MD5: 1b3d3dc07dcebf89cd01520a011d714d
SHA1: e5ebd2a75a0487da0c0cbc97708ee152f2b7d2da
SHA256: d594f229effa51e4bdb790e205758b39fc45b6f1692382a6d4811cf565903373

Filename: rtce001.exe
Filesize: 884736
MD5: 1cf71a3c5b837b7316bb707d427d1182
SHA1: 32fc9a1eaace49a1a72b29de198615700503b936
SHA256: 7d81e51afa7ce7dc0a48e9cc56938133d80c4e245bfcfc26ec51188108170f38

Filename: rtce001.exe
Filesize: 886272
MD5: 209c2b17b2625cd3e3f65571e81b8959
SHA1: 53465c6aee9e2c0c8caf2182b8404ace901c599e
SHA256: 7b23804991e459b2cb2d667643e892ada742f3c1a58c36bb17b67e417d0322dc

Filename: rtce001.exe
Filesize: 889856
MD5: 222ab4f46b5efe1c9b894a12d365b57f
SHA1: 9580be29a3b7faf622451f32d4196ce797023361
SHA256: d18a8da8698009cd6a1a51632ab5160676be7e2accea0d8758e602cb5221b1d2

Filename: rtce001.exe
Filesize: 892928
MD5: 29742637f805ba87624564d345298810
SHA1: fe74007570e4c7e8d0bef942c8ffd0ea4df14c55
SHA256: 94588753329809da3366b53ac436817b7179a93619ab0a26180970709c1baf58

Filename: rtce001.exe
Filesize: 889344
MD5: 2d433c840a613161e049f4ba36d988f1
SHA1: 2d73f43b7f2eaedbfcfcd7d2b83e93e3d669bed7
SHA256: c4cdf35a4c90fe925c06432e90e84db19e25c23da4132871a3b4fd0420bbb146

Filename: rtce001.exe
Filesize: 888320
MD5: 33d1fd6d3cd92a08ce69e4c07b26982d
SHA1: a2ab2a5d38e017405e320ecd9665ea92bef4f83f
SHA256: d560b3beaf23cd61641292f877503e53603adeca8fc9dee2ce0a37f14e0bad60

Filename: rtce001.exe
Filesize: 890368
MD5: 3cf30495e3cefae2bdf2ce18a490fa28
SHA1: ded93081a8302e4245fa41aea4bae47a592f5474
SHA256: bf9322d6a7a8512f961695e12ae1b1a210533844a0b8fa33e5ba67215acda096

Filename: rtce001.exe
Filesize: 886272
MD5: 452bd0f48557fcfd10b87d6cd381c9c2
SHA1: faacfc667ef08b8195a63f819ea43f846df69ee7
SHA256: cc48a6026e31b43141cf4523473b4ce7dfab238a4e64acc6b62b1079ef6b3b26

Filename: rtce001.exe
Filesize: 892928
MD5: 471b279ee884eee539fce0115208e90b
SHA1: 7b79fffe43b3211f3355ef0ec86594b37f85d9aa
SHA256: 880580e23d6ac82039e4421a0c0c9e1dc3b68051b6939c833f9bc16d087a06f3

Filename: rtce001.exe
Filesize: 890880
MD5: 4e038ad9882753d29b2c8bd02ab0f56b
SHA1: 1daae82545624e7c14e9a07dc3b3ab97afd33de0
SHA256: cdd94b6943d5cffc0058accb7a972e06d441c4a9d9da95b1627d6786ab6d86b7

Filename: rtce001.exe
Filesize: 887296
MD5: 518cbbdef3c615cdcce4a3a36f3a0b64
SHA1: 22368efb802d38b0cc4a78a295fe3b26f42710f5
SHA256: 850000bcb105296fd83a60d6b8d81db912974746e789c31d588d00859da6df7b

Filename: rtce001.exe
Filesize: 888832
MD5: 54275d3d66fc48186ce39dd447bc8e09
SHA1: 61c7eab6930452d9b67406a05d0c93e9a785b03a
SHA256: ffa18d841ece6fb871ad58a644cb90126e5ea465189cc149737fd46ba7352b43

Filename: rtce001.exe
Filesize: 882176
MD5: 59fcbc6efcf42dc74c1e1295a8bc08f5
SHA1: f3bbb858eeaea25367004a8721b2b74e547c6150
SHA256: c3ba22f2933cd29379006a002f06bcab0c3b4114bb7f91c4768d8b7862986e0a

Filename: rtce001.exe
Filesize: 883200
MD5: 6200bb9aa89a1cc9cb48507922ac99e8
SHA1: 89ca43238cea9e4417c019419efff7872f7296df
SHA256: b851e78bd5d5e07fcd7c5a76ff1b5cef86ea3f153afa84eac59350818dd83cb1

Filename: rtce001.exe
Filesize: 891392
MD5: 6948d263bef7ff06ca7e2c606e9abca6
SHA1: 2750e113be2241cbec5c54e55862b87080f63da2
SHA256: 485926931272e36ec65b66137737ee469f72fcd30067f84871afa865a0695116

Filename: rtce001.exe
Filesize: 883200
MD5: 6a6a202488f25d3f698e61aeb8fea1ad
SHA1: 6f3a7d9202b6172715ef6830954d0278c268c118
SHA256: ed5bd7636466114a1bfb57335441935fd7d0693d214c192ee7cb6368190ea1bf

Filename: rtce001.exe
Filesize: 898560
MD5: 6b2a0ec0e42a8c5ac8f2aacc7ad3fc76
SHA1: 137ea98852ce85486d33261fed1437ef4780a738
SHA256: 8f2966ad4446df3eff8ad623e10656fdb63d977d8f256b08430565407d5d1a2e

Filename: rtce001.exe
Filesize: 890368
MD5: 6f7216d594b6ff01b05419a6dc60c6a9
SHA1: c59d5697e80547fd0e2fdb01d334d88de517a66f
SHA256: 990973ce3c40f605477b971b0d7b393a304c3f07116aca8e0d3eed9d815a8004

Filename: rtce001.exe
Filesize: 888320
MD5: 77ee52dca008f6ae31283c7466bae96e
SHA1: cb97ea6a8c811c8ac39ece558ab908e7346b4a9b
SHA256: 305d4f05033558b09eeb47b9037fe8ff8f60cf114c46e35293988b6cfab87995

Filename: rtce001.exe
Filesize: 894976
MD5: 83e843c7dc72a2ff0dd993ae57139e5e
SHA1: f629f6fcf291e9157a6c26b806ab98dd32991f81
SHA256: 841dd07b67e09a9046f5d194a568597cbe14c00106194bea36dec7e435bb8319

Filename: rtce001.exe
Filesize: 892928
MD5: 88989c8613d68c7ed8f99f98e8bfc752
SHA1: 929c19ca52c65062abff76e3158a5e97f302f3a1
SHA256: 9ac0f171f0fca5e57ee9319a9c90addbbf0da8a9a2f7c6f12c347a6b32647846

Filename: rtce001.exe
Filesize: 883200
MD5: 9870b2a3db03c9325edbede56087dfdd
SHA1: d1a968692afe57a9e7f6148346934c41530da438
SHA256: 6875a8bb0f1687f815e7214b9813b1091d908c338079442ec84143d2bbd0dd07

Filename: rtce001.exe
Filesize: 882688
MD5: 9a583faf816acd11202e7f6d66a5cd5c
SHA1: 28d498645b90f95727cc35e4d31f43828a6575b9
SHA256: 0476bb19381e44a6039cc4bd8dd41ed72f7bb7c2c0053fcff461f4edac9492ef

Filename: rtce001.exe
Filesize: 888320
MD5: a1fe56fd80aa73ae33f1fecd538d3fd8
SHA1: dc5264b0083f05a1742d5fc362ee557350a59f55
SHA256: 0152b19ba1f6fbc9794823866cd8385ca0dcc2ce3e1c6b00df8fe44c49b2127d

Filename: rtce001.exe
Filesize: 889856
MD5: b1476e4fae019eb83d81ff385f5e788e
SHA1: 52616fa50c08a5e157a58d9fedc02ed85a97bdd8
SHA256: 23e786535aa66bbf5a4e21795584f46e6fe8834d19b1b53b96b25a7e2f8fae2c

Filename: rtce001.exe
Filesize: 887808
MD5: b372bf441338c1f06594e294ca8e405c
SHA1: a0823caecd788a9287292de5177ca90b141e789e
SHA256: 30ebe5408ff4b8ea90bef8569f8275c314c27ad3ccf489852c0e4c6944b0ca0c

Filename: rtce001.exe
Filesize: 893440
MD5: bc818d39cf50b8df38776e6cd70d01c8
SHA1: bbf542ada916de49f1249d39f2847bdb66572499
SHA256: 53a0f17c5e5761d9e9ee4a7b0998044b98d288e42487fb1e666a11addcd247db

Filename: rtce001.exe
Filesize: 892928
MD5: c740f54355cd6cb46d2bd5fe82b63062
SHA1: 3bce07c062e11ec53090dc3ae23c94794ba96f09
SHA256: 1e49a2be7470f55406a01aeb5c0e4637becdd822402ac63bba040cc4485a0ef4

Filename: rtce001.exe
Filesize: 888320
MD5: d65f7035e0af3072e1874ec1b0ba1cf4
SHA1: e2cc8dd3728687cf6ffb05e9fd14e1858731520c
SHA256: e9683b5eb93157c1907406ba8312769c9ce4cfa6aa3032c23173bf5504e5aaa0

Filename: rtce001.exe
Filesize: 891392
MD5: dad5455743195090a04a8ef6e325c46a
SHA1: 7a175a17c0196bc871866ba4fff8b012c08be2f0
SHA256: 5b5701e371bf28d497a10210e680962e7781c85df00cf79976a14de988ed2b3f

Filename: rtce001.exe
Filesize: 897536
MD5: dfe49894c217cbc6a56b116291f05e2b
SHA1: 26babaae264cb2c06c4fbd5a21fa149767a411fc
SHA256: b00cfc310a1113cdb8abf582c2fdf637f466edd40792ef0a6dbf6a6f096cd1c7

Filename: rtce001.exe
Filesize: 890368
MD5: e3e1da9869104ceffc330c3ed0a35d74
SHA1: 507a17d9d7626ca21328a8baaf37f8c903c457d1
SHA256: e8b7c62db38a9193521898f5f8fcbafb7f1a8b16774029b2ae2855110ea41a2c

Filename: rtce001.exe
Filesize: 889856
MD5: ee69263aa17ff4ad94286a041cd6accd
SHA1: 6f12aaef312ca4fc79ec2c9cdfa2d046b0b1fef0
SHA256: a91e53581afbcfd3c4cebb9605f0f1b95bd3b0178534b0d9c5948a4522cd263c

...

Filename: veresk1.exe
Filesize: 882176
MD5: 02f6d1226abeaa10ba47bce30ff3f88c
SHA1: aa2f3830b83a6fa0371e36afd65ead016c1c6763
SHA256: 07112bf15bf7319ca1239f54039174507d6d253704286b720562485a4e64c956

Filename: veresk1.exe
Filesize: 893440
MD5: 0632dea17bd85605362db36ef85803b1
SHA1: e92ccaa83558315e3e341f8902911d7372465dfb
SHA256: 20c7c8490caa3e1fc2e78bebe44abe4a87403f81afb4e39d90470eaa6caf6418

Filename: veresk1.exe
Filesize: 886272
MD5: 0e3b2a22fe7401128118e2da201ce308
SHA1: e142c63e3ae98f0bbb13c429ebddfead7a5b7e01
SHA256: 623869f049366589150466432895371d7f00159ccd33f5a2ebbb89517ceaf076

Filename: veresk1.exe
Filesize: 882688
MD5: 1293857e8860292497946844ee436349
SHA1: 8306446b29ed153452ef11ba50f70858adde7fcd
SHA256: 188f794f1d10264f7c180a96bf286846ab659553ae6e63b0cfec8f012c86a0af

Filename: veresk1.exe
Filesize: 886272
MD5: 14c2be8f290635664c6749909750717f
SHA1: 600e567cc2d14c44bbccc699010580c4ce99cfbd
SHA256: 27be2bf591db275d071ded6a795ae3fc2439bc97d7f04fd8558a2be90522f0bc

Filename: veresk1.exe
Filesize: 892416
MD5: 169336b69969efe17830b7885eb86aa8
SHA1: 859cfa54f3ec5c0eafcea78cbf3d5a4789051b0e
SHA256: 3ccfb7bbbf21c10778ef42df7e298bbba133e219d7fa28ab5a174e01e00d210b

Filename: veresk1.exe
Filesize: 893440
MD5: 186ea010a3deb01ec9a6ac7b21a9f754
SHA1: 5256fa04b2f8a5be9a55fd6910d82f575c832fe8
SHA256: 1cfd3acea746888190fe38307aaed457367ddc1e53518b14cb6b81faeae75a01

Filename: veresk1.exe
Filesize: 882176
MD5: 1b4c36a8d04a70571d5a7d05202648b9
SHA1: ebdb21bce5f03de3d839b14d5cc953de4c2feca2
SHA256: b0742ea3d46491ea7626a5c03cce191665bc4f1cdcbeba1a76ab76139be42e45

Filename: veresk1.exe
Filesize: 889856
MD5: 1bf3cfcc890e7e7406d401e39e5b4a6b
SHA1: db264f147989d69f708079dfff92b9ff9838296a
SHA256: b1e88149445149b62a304247d2df961cbb57610b92928a4aca235e5e18db8c78

Filename: veresk1.exe
Filesize: 894464
MD5: 24ecde02d4c6d102b68e9a5bc78c2609
SHA1: c8f9d6c1dafe05300799ba89a1be6e7de11d10ef
SHA256: 1e58a9ec790e43311693d9f2badd291e68f401e7b4759a0756eeee0dd342272e

Filename: veresk1.exe
Filesize: 885248
MD5: 25341452b5774329fe7dada87587dec8
SHA1: 7b7db45e648bfcc92c9061d50867ac55987f6561
SHA256: 9d9d89adf3341a0c4a2e9bb2052f3e6d7c5f1a5247f011164877b12f3ec8ebfb

Filename: veresk1.exe
Filesize: 885760
MD5: 28fe5d96326425b49e5f2f995698d735
SHA1: bb6c449ec5ab2748e003ce9a64229e768bf4030e
SHA256: 4e06f1a4a1367a7dd4a04f4f132eaa71c85f54fbc8a4d2e496cf4abb89bac92f

Filename: veresk1.exe
Filesize: 886272
MD5: 2af0a4a02d0a7f02de1e3bfd4cf19e7b
SHA1: a3bf6730d4d06a0b952600c3b6d8eff43dc52cfe
SHA256: 6b60c3336b01e4156741a8269385f6708b061284e5bef9885b6546c82b7545dc

Filename: veresk1.exe
Filesize: 890880
MD5: 2e89139ec1c53c9a0f3773e30f9d7ab5
SHA1: 6085a4f72bc503e7af3b09e2002420b2445a44f6
SHA256: 15daab79b19858b8af0573a48b52b5f3b66dc1569dd5b5e3e05832410de9bc76

Filename: veresk1.exe
Filesize: 1448
MD5: 34e17deaa43ff18d7751a3c36a7b067f
SHA1: 720a55d3094fc2384c99532a18afe779eadaa2e1
SHA256: 61ee721229e1de370fa04160746dc020393588846c2ad7199ddcc29c69e7c4ea

Filename: veresk1.exe
Filesize: 883712
MD5: 3b4041481b308fc87cc97f18a898257b
SHA1: 675c9ec2ac4824dbee9cd5b0a7408fe8e97950c4
SHA256: da5df21824df05d2d8fe5c5db13af094a03d3d3b4b7019f35100f75b93edeabd

Filename: veresk1.exe
Filesize: 885760
MD5: 3c1e356d8f71b5ec079025276fd831e8
SHA1: defb5b737e2b69ffdbc2b1b9d52ed460b34999a7
SHA256: be51efd0575b21578d03c548bb21b6bb82397f6a7e411158e64684ca8f9dad7c

Filename: veresk1.exe
Filesize: 888320
MD5: 3d5cee77b4c7ba0aafc661b5b9cea43a
SHA1: 54ec8b5e51b0e162e001d54c68fc9a6d298d25e1
SHA256: af0439a2235e88ee81d1dec1804e70b93cf072d73e53778f23f82ad16aab6c15

Filename: veresk1.exe
Filesize: 884736
MD5: 5082b6b81f56271962eb5ee599e6c642
SHA1: 5fb2b08fb04933767514b921230941769d71e862
SHA256: e977487c030335abf188a2e7f26bf7433ceb6976a3d7dac63aaa881253c0a6bd

Filename: veresk1.exe
Filesize: 886272
MD5: 5617e6464d93aad7116ec8627148a7f5
SHA1: f98867e6f89b0489a3b548764a50edc868322c84
SHA256: 0c36d1aa47feb1684fcccf8285e650344bfaaa28c1f3fae55af49d5629b1379b

Filename: veresk1.exe
Filesize: 892928
MD5: 56273e4e31cd228e007cc4e96a78d917
SHA1: e028dbbd66c0a9d217154afb920fd1e56ffc5377
SHA256: 2559ab849a440fb7c03b5c67fea5f409de2f2aa2dfca540d426142320990cb5b

Filename: veresk1.exe
Filesize: 884224
MD5: 5860d0d3714944f1c389164385fd2e9a
SHA1: 71baf04d4603377832b32e6897201b66f6595726
SHA256: e46da11a378fd8e1209b6ce5b338873d02fa2e643ec0dbd0f31a965688072761

Filename: veresk1.exe
Filesize: 884736
MD5: 6363589d4918f2d1b7541482345d0b9c
SHA1: 88c6c27eea066d6d4dcf91030fb087b94f12e673
SHA256: 76ee08644a2807d1f6fecb6987c52cd15e17c31d767d743de2946e0f30683f14

Filename: veresk1.exe
Filesize: 886784
MD5: 6b29e5454c0a2abe5ee89737f3db2ef4
SHA1: 0abb5d0df0ad98854b42598dee4b0f89f5bd180f
SHA256: 2d77e9ecd44a540a6ccbb648d15971a27b9b2782d9686e1b2bec608a3350b1ee

Filename: veresk1.exe
Filesize: 891392
MD5: 6ba64806fd12908f098ad2e966199914
SHA1: b2f01c10fffdf6a99f9382f5e57f49bafa735612
SHA256: 9fb900ee6ffeff8d3c5b00ccc1773f42f5f085dd62c3806fabe6fdf68222bd66

Filename: veresk1.exe
Filesize: 883712
MD5: 860b94d10c65ed8aabbec19449205d99
SHA1: 1f9062427125a459399b899eeb6d047c143dbb6c
SHA256: 92707f37db00a45a7d6a8991c9cbdc13c23f7c471aaf3dcf443facbbf826bbf8

Filename: veresk1.exe
Filesize: 882688
MD5: 881a8af7b922710808828d24b0d80adf
SHA1: af28dfbb7c89af00374a560eb171d81f2e35fb50
SHA256: 5d054031c226b4163c9900e067086bf7516a4ec1ef9645c066f4c1b8a17c15c3

Filename: veresk1.exe
Filesize: 885760
MD5: 894f93ecfd176b3ad86b6bf7b71d4288
SHA1: e05bcbffcabb8a914d8b4fdd05c984f69cbd9203
SHA256: c1484fc06d37a372c87f49ad04786933a3d348264e56a9273ac848c1c9574889

Filename: veresk1.exe
Filesize: 891392
MD5: 899e16772c2655005d074fcf563aab95
SHA1: e0d7563b10461be3f9d8701e6bdba79693b52871
SHA256: 74b1f65cf51e89e9bdcf1377f638252c06da0ae5a22cd0f4d09d2eee640008f8

Filename: veresk1.exe
Filesize: 887808
MD5: 9034f915b266c372c9cfbe0ff4836435
SHA1: a254ca2c68473e935d8f4af854ca85ae1cd7d1eb
SHA256: dcd825251c7fc8a68e16f390b317065e20b61087ea5189ae8b4dd311de87fde6

Filename: veresk1.exe
Filesize: 899584
MD5: 99eced1daaee3a1522dc18835cc97c1b
SHA1: 5e660a347d86522b2a60b561adb204e65f534707
SHA256: de0342d5c4823e39418d8c9888576dce5085762ca34141eb1e581905228b941d

Filename: veresk1.exe
Filesize: 892928
MD5: a8324dfb3cedeeb234e2c438dc3715ca
SHA1: 16b7afda30a9635de8af724830717e6d8f1b296e
SHA256: 524d65ff83a8507c18811b35a305cee447c50c583e3a539488e093a5afaf264a

Filename: veresk1.exe
Filesize: 884736
MD5: ac07ba52f0650bc3e2ffa8fc70edc85a
SHA1: c77e62018440c71ec876d4daeb2a748632ea9eba
SHA256: 337a43f7aec3ec945bccc23d7d91351f46e6bff37c10160d1d516f5fb20032c7

Filename: veresk1.exe
Filesize: 883200
MD5: ad2b2315951ebfcc80d72dab4fb05a7f
SHA1: 447fbb663e0c4facfeb6005e3209ec4f215152a3
SHA256: 8b41ce45c9b61fb8e0f12a00d6bd0bb751d28b254e90dceafcda1a1889da7891

Filename: veresk1.exe
Filesize: 883200
MD5: b3d8bbadb8df61b3118836720423cf55
SHA1: 0520bff69d364559b9afbc0e761d5c8ada5b369d
SHA256: 811d7d7e1e518ecb38e4a0a04a94e7b44ebd6cd4daf63b8d0cabb69f67faa79e

Filename: veresk1.exe
Filesize: 890880
MD5: b74573cb40a0959be791493a0c1afeca
SHA1: d4d0ae181a50a3993ad49d7d3f763c068cd3ef63
SHA256: ed27c464363d0d5692a1bc0a662132d07d2a1d4b7b7aa7e97353a7dfc254142c

Filename: veresk1.exe
Filesize: 881664
MD5: b80f2533fb3eb5d874835a356ced22ca
SHA1: 7722573f26fd632c1bc398c2b1626b87d52eed16
SHA256: c42e936ccc6c7e2ab08b0a500aebce0749c1addc59852ba49593ebb9300e51f7

Filename: veresk1.exe
Filesize: 882688
MD5: bf4b83935654aa8fe1786bb86edd3580
SHA1: b2e1666d06348df556af6a30154c5f099161dec3
SHA256: 18f6c9110b16016650d7f2d31af92afceff9f44305a02d001b765af22249fdbc

Filename: veresk1.exe
Filesize: 891392
MD5: bf7949cd204f9e2d0d956572d8415742
SHA1: ee3264a334d7ca1e599929c9bfa529697d61588c
SHA256: 10e29124af5d5bf8e2404dd2c632ec8986aae4674c51deb2d4d15535fb830e75

Filename: veresk1.exe
Filesize: 895488
MD5: c570bf95ca79f362c532c3ca7894644d
SHA1: 9deadefe5310955b13f0cb9c30eef8538ccd27be
SHA256: 8a276a7075d916426f84dcef0f7ca33e557981e64a4013bd89383e5087693fe3

Filename: veresk1.exe
Filesize: 894464
MD5: c7d0f33452af2e4c2d5810ac26d57d97
SHA1: 433aee5096171e70b8affa51e2a6ac3269814d03
SHA256: 56e4b01c4a93b023ead05b577040a1a37768a8a76beefe20e8631eb9adce85fa

Filename: veresk1.exe
Filesize: 885248
MD5: cfbb1ba8f14bcd5ee8c55fa5ba3a0ead
SHA1: 976ab63a06a1c49195418b00e085ff81d59d7b22
SHA256: e937cf696efa343abcd5391d7de8210428c1c84d5327e2f368c6b377c2949ba4

Filename: veresk1.exe
Filesize: 888320
MD5: db3f3f83d1e82ffd88885c1b81cefa67
SHA1: 0d7a342224bad1ffe3ac9dc4ddd904e2521e8684
SHA256: 6fafeeed53d465f62486a644780ac682266601053936ff6902d81957619dc547

Filename: veresk1.exe
Filesize: 890880
MD5: dbd9fa609ae21aee57f02f9e64544701
SHA1: b54c20fb68ae253a29a22348d8ae57d18f89aa89
SHA256: f72c192342e9a3d38ef5df71a113f0deed85943b8e526ae6c42242e514e3368c

Filename: veresk1.exe
Filesize: 887296
MD5: f7345bfa280a6f1e28016860b261dd76
SHA1: dae31311aeca0be4f3cb124f7e0a6657e17623e9
SHA256: d547703b6166d59f772d468baff062e1c25e5e8794dc43a135c5f43c1e96f327

Filename: veresk1.exe
Filesize: 893952
MD5: f7813decaa1a840866f724e5046b15bf
SHA1: aba8905d24ee778a7741942018f6039742645e1f
SHA256: b452c68ad5083fdac72da92b07c652d8470aab7a455f9efd5c60fccf8dda3048

Filename: veresk1.exe
Filesize: 882688
MD5: f7994da44ad5ec5995376d7df1c2fa8b
SHA1: e8df3f1300f47e5fe0c1e2252fca268e3a3d6506
SHA256: f8d8413e0b545a50785d978509f06472704c30c1ab368fa84f9df58c6d89a605

Filename: veresk1.exe
Filesize: 883200
MD5: f8c402b1dcec3bd7836305b82f8cb92b
SHA1: 90a804ba770a9fff0fb59a3f787902c854b28fde
SHA256: 52fb42efae7a78f204b74abe6fd30e84c6a54051684f4b1a24572705d385ea65

Filename: veresk1.exe
Filesize: 884224
MD5: f99b188430db7be997006b64062bf90b
SHA1: a8ee788c68d7702676d5d7027d9e13fabed8af71
SHA256: 6a0595d873cd04863a7cc550281a6668ad3b9f30fb048dd7b12468e176d5c9a3

Filename: veresk1.exe
Filesize: 888832
MD5: fbc5eadc397dd9dccb57c795ee8333a6
SHA1: 01606542e13677ee9bb22316f3292e0d5721369e
SHA256: f26d0b505006aa5baedd99331df5f69f81e88137ae76e8a6edf81fc90545d7ab

Filename: veresk1.exe
Filesize: 881664
MD5: fd7ad97eb053bc57ba819606058ea86b
SHA1: a93612735ddd799d9257117789484bc7db4ade72
SHA256: 999a2875ce47103902d484a6d1990b53ac35f4b36c2cfcc96b8e48df66f71c40

...
Hint: Linux command to add the MD5 checksum of file.exe to its filename:
mv ./file.exe ./file.$(md5sum "./file.exe" |cut -d ' ' -f 1).exe
TCP SYN packets were sent to port 80 of 91.122.162.38, 83.17.122.14, 88.132.50.38 and 79.108.43.4

A TCP connection was established on port 80 of 111.255.188.122

http://www.utrace.de/?query=111.255.188.122
Provider: CHTD, Chunghwa Telecom Co., Ltd., Region: Tainan (Taiwan)

An HTTP connection was established with 31.63.236.137

http://www.utrace.de/?query=31.63.236.137
Provider: Provider: PTK-Centertel, Organisation: PTK CENTERTEL mobile data services (Poland)

A TCP connection was established on port 80 of 190.101.8.61

http://www.utrace.de/?query=190.101.8.61
Provider: VTR Banda Ancha S.A., Region: Rancagua (Chili)

Alot of TCP SYN packets were sent to port 80 of 80.245.96.3

http://www.utrace.de/?query=80.245.96.3
Provider: WEBVOICE LLC, Region: Saint Petersburg (Russia)



TR/Kazy.58739 characteristics:
Executes from the cache
Window not visible
Uses the network
Filename: 82.TMP
Filesize: 258048
MD5: 8ba95e7a2fa323238d5587b38a0197cb
SHA1: 919c9c1edbb8fed91765a1e5b7bba40520f7623d
SHA256: 78de242874cd1513ddc5f8527f39cf3b2daf6f81757d6244d92eee0f004d09c0
Established an HTTP connection to 188.72.202.81.

http://www.utrace.de/?query=188.72.202.81
Provider: Leaseweb Germany GmbH (previously netdirekt e. K.)

A hidden directory was created: %USERPROFILE%\Local Settings\Application Data\866d3225\.
The hidden directory contained a hidden directory named U, a hidden file @ with filesize 2048 bytes and a hidden file named X with filesize 54272 which was executed.
Filename: @
Filesize: 2048
MD5: 681537618353f4800c2751842f5c4742
SHA1: 8a0789c1a5a4621fc1afe57aa22211d935d4f660
SHA256: 41a2ebc96abc6722e4a7101b3668701a0071c621c96141dccfa749a0d00e9fb3

Filename: X
Filesize: 54272
MD5: 8d6c2703fcd63468a0b5fc32eadd0597
SHA1: 5d0d1d7378572005295250242cdaf8b431bdc38e
SHA256: fba0bd1cb42350f5d4dd17c604c6889d241b8a922f8fb80659fcfc5bc4fd46dc
TCP SYN packets were sent to TCP port 22292 of various IP addresses.

A process named Idle was created.

Trojan.Agent.PE5, TR/Kazy.58739 infections (%HOMEDRIVE%\DOCUMENTS AND SETTINGS\%USERNAME%\LOCAL SETTINGS\TEMP\??.TMP) were detected by AVG 2012.

Filename: A0082129.exe
Filesize: 254333
MD5: e695ab1722a3b635c033509607eed93f
SHA1: 968f0555572cad01cb9c1013334b790815117eab
SHA256: 56e4505e0cb406ff1ba5df571477cb5465eda5c992113f69927947a4ab419e10
Filename: shared.exe
Filesize: 134144
MD5: f0418bd911e063fe7c8c4cf0e79615d5
SHA1: c2e44322b56a5912f3acbc15deb66692b07ce06e
SHA256: 53a9261f7088091ea27103cad0735cf6071db403ef4afd891af409f102d24e60