0.exe Malware Analysis www.wikiplum.com 192.230.92.93.9999 PCAP file download

2016-09-26 20:48:03.125841 IP 192.168.1.102.52041 > 75.75.75.75.53: 298+ A? www.wikiplum.com. (34)
E..>e{....|....fKKKK.I.5.*...*...........www.wikiplum.com.....
2016-09-26 20:48:03.206223 IP 192.168.1.102.58134 > 192.230.92.93.9999: Flags [S], seq 519300123, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4I.@........f..\]..'........... .b...............
2016-09-26 20:48:03.269296 IP 192.168.1.102.58134 > 192.230.92.93.9999: Flags [.], ack 150953040, win 256, length 0
E..(I.@........f..\]..'.......\PP...\.........
2016-09-26 20:48:03.499267 IP 192.168.1.102.58134 > 192.230.92.93.9999: Flags [P.], seq 0:217, ack 1, win 256, length 217
E...I.@........f..\]..'.......\PP.......Gh0st....L...x.K..c.....
..@........S..2.S.............+02,.5g.... =.|\...K.[b..8..N... 5..9.*...X...@}LP.l = y........
...g....T..p......+.Z."M..tM.L..\....../......f.%..2p..u.*w9..l'.} .    ...l...".T..u3..... zA..p.+.
2016-09-26 20:48:03.547310 IP 192.168.1.102.58134 > 192.230.92.93.9999: Flags [.], ack 822, win 253, length 0
E..(I.@........f..\]..'......._.P...X.........
2016-09-26 20:48:03.584040 IP 192.168.1.102.58134 > 192.230.92.93.9999: Flags [P.], seq 217:222, ack 822, win 253, length 5
E..-I.@........f..\]..'......._.P...m   ..Gh0st.
2016-09-26 20:48:03.584941 IP 192.168.1.102.58134 > 192.230.92.93.9999: Flags [F.], seq 222, ack 822, win 253, length 0
E..(I.@........f..\]..'......._.P...X.........
