BETONLINE.AG poker betonline.ag PCAP file download Traffic Analysis Sample

Betonline.ag poker site pcap traffic sample

2017-09-25 15:49:10.187283 IP 192.168.1.102.57820 > 75.75.75.75.53: 27634+ A? poker.betonline.ag. (36)
    E..@.-………fKKKK…5.,[‘k…………poker betonline.ag…..
2017-09-25 15:49:12.457700 IP 192.168.1.102.49694 > 50.22.136.104.5938: Flags [P.], seq 1454268158:1454268182, ack 2127766518, win 32458, length 24
    E..@T.@…)….f2..h…2V.^.~.#.P.~..F…0………………….
2017-09-25 15:49:12.589103 IP 192.168.1.102.49694 > 50.22.136.104.5938: Flags [.], ack 25, win 32452, length 0
    E..(T.@…)….f2..h…2V._.~.$.P.~………..
2017-09-25 15:49:47.366759 IP 192.168.1.102.49487 > 75.75.75.75.53: 8606+ A? www.google-analytics.com. (42)
    E..F………..fKKKK.O.5.2.;!…………www.google-analytics.com…..
2017-09-25 15:49:49.584408 IP 192.168.1.102.52369 > 75.75.75.75.53: 10203+ A? poker.tigergaming.com. (39)
    E..C./………fKKKK…5./D.’…………poker.tigergaming.com…..
2017-09-25 15:49:49.615175 IP 192.168.1.102.52369 > 75.75.76.76.53: 10203+ A? poker.tigergaming.com. (39)
    E..C<……….fKKLL…5./C.’…………poker.tigergaming.com…..
2017-09-25 15:50:07.611927 IP 192.168.1.102.49694 > 50.22.136.104.5938: Flags [P.], seq 24:48, ack 25, win 32452, length 24 […]

Possible Poweliks Variant Trojan Malware Adware Pay-per-Download Bitcoin Cryptocurrency PCAP file download traffic sample

ESET-NOD32                              NSIS/TrojanDownloader.Agent.NVZ               20170703
Fortinet                                W32/Agent.NVS!tr.dldr                         20170629
Invincea                                heuristic                                     20170607
Kaspersky                               Trojan.Win32.Poweliks.adbd                    20170703
McAfee                                  Artemis!DD96CB7EFE6D                          20170703
McAfee-GW-Edition                       BehavesLike.Win32.Vopak.kc                    20170703
Microsoft                               Trojan:Win32/Starter.P                        20170703
Palo Alto Networks (Known Signatures)   generic.ml                                    20170703
Qihoo-360                               Win32/Trojan.1e3                              20170703
Rising                                  Adware.ConvertAd!1.A1B5 (cloud:zJ49DXPzuCC)   20170703
SentinelOne (Static ML)                 static engine – malicious                     20170516
Sophos                                  Mal/Generic-S                                 20170703
Tencent                                 Nsis.Trojan-downloader.Agent.Wuqw             20170703
TrendMicro-HouseCall                    Suspicious_GEN.F47V0703                       20170703
VBA32                                   suspected of Trojan.Downloader.gen.h          20170630
VIPRE                                   Trojan.Win32.Generic!BT                       20170703
ZoneAlarm by Check Point                Trojan.Win32.Poweliks.adbd                    20170703

SHA256: f1877f0fd9bcaa4ee4498eb8f7c55cf2086313f2209caa18ef597898d2376e72
File name: lnk.php
Detection ratio: 25 / 61
Analysis date: 2017-07-03 21:51:38 UTC ( 0 minutes ago )

https://virustotal.com/en/file/f1877f0fd9bcaa4ee4498eb8f7c55cf2086313f2209caa18ef597898d2376e72/analysis/1499118698/

2017-07-03 15:34:00.193162 IP 192.168.1.102.60285 > 198.50.183.24.80: Flags [P.], seq […]