
cctv/cn/ceshi.exe Malware PUP Binaries Hostile DNS requests PCAP file download sample traffic

Download Attachments

  • 1 pcap cctv_cn_ceshi
    Date added: September 27, 2016 11:39 pm Added by: admin File size: 101 KB Downloads: 97

2016-09-27 17:56:38.184481 IP 192.168.1.102.55147 > 75.75.75.75.53: 23520+ A? qhdowv.com. (28)
2016-09-27 17:56:38.211366 IP 192.168.1.102.60944 > 75.75.75.75.53: 64327+ A? qhdowv.com.hsd1.md.comcast.net. (48)
2016-09-27 17:56:38.229682 IP 192.168.1.102.60944 > 75.75.76.76.53: 64327+ A? qhdowv.com.hsd1.md.comcast.net. (48)
2016-09-27 17:56:39.229368 IP 192.168.1.102.60873 > 88.198.69.43.80: Flags [S], seq 2315049991, win 65535, options [mss 1460,nop,nop,sackOK], length 0
2016-09-27 17:56:40.497040 IP 192.168.1.102.60945 > 75.75.75.75.53: 21844+ A? jyudki.com. (28)
2016-09-27 17:56:40.535914 IP 192.168.1.102.53477 > 75.75.75.75.53: 1650+ A? jyudki.com.hsd1.md.comcast.net. (48)
2016-09-27 17:56:40.557571 IP 192.168.1.102.53477 > 75.75.76.76.53: 1650+ A? jyudki.com.hsd1.md.comcast.net. (48)
2016-09-27 17:56:41.617072 IP 192.168.1.102.60320 > 162.125.34.129.443: Flags [P.], seq 5382:6279, ack 1543, win 32446, length 897
2016-09-27 17:56:41.963704 IP 192.168.1.102.60874 > 54.175.122.20.64400: Flags [S], seq 2297343402, win 8192, options [mss 1460,nop,nop,sackOK], length 0
2016-09-27 17:56:47.341338 IP 192.168.1.102.53478 > 75.75.75.75.53: 2906+ A? dtuoez.com. (28)
2016-09-27 17:56:47.370706 IP 192.168.1.102.61828 > 75.75.75.75.53: 62834+ A? dtuoez.com.hsd1.md.comcast.net. (48)
2016-09-27 17:56:54.295758 IP 192.168.1.102.61829 > 75.75.75.75.53: 64080+ A? mhddos.lyjq.org. (33)
2016-09-27 17:56:54.315241 IP 192.168.1.102.60876 > 54.175.122.20.64400: Flags [S], seq 2886550233, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 17:56:57.214574 IP 192.168.1.102.60877 > 222.186.34.91.10711: Flags [S], seq 72952353, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 17:56:57.323092 IP 192.168.1.102.60876 > 54.175.122.20.64400: Flags [S], seq 2886550233, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 17:57:00.229413 IP 192.168.1.102.60877 > 222.186.34.91.10711: Flags [S], seq 72952353, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 17:57:03.338723 IP 192.168.1.102.60876 > 54.175.122.20.64400: Flags [S], seq 2886550233, win 8192, options [mss 1460,nop,nop,sackOK], length 0
2016-09-27 17:57:06.229377 IP 192.168.1.102.60877 > 222.186.34.91.10711: Flags [S], seq 72952353, win 8192, options [mss 1460,nop,nop,sackOK], length 0
2016-09-27 17:57:15.560700 IP 192.168.1.102.61830 > 75.75.75.75.53: 32384+ A? mhddos.lyjq.org. (33)
