176.114.17.14 chipdd2.exe Unknown Malware Windows Trojan Traffic Sample PCAP file Download

Attachment: 1 pcap, chipdd2 (date added: October 23, 2016 6:11 am; added by: admin; file size: 37 KB)

2016-10-23 00:41:27.456904 IP 192.168.1.102.58685 > 176.103.55.73.80: Flags [P.], seq 0:287, ack 1, win 256, length 287: HTTP: GET /chipdd2.exe HTTP/1.1
E..Gh%@……..f.g7I.=.P..)…..P…….GET /chipdd2.exe HTTP/1.1
Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept-Encoding: gzip, deflate
Host: 176.103.55.73
Connection: Keep-Alive


E..(sm@……..f.r…G.P`;`..LE.P…G………
2016-10-23 00:41:43.947220 IP 192.168.1.102.58700 > 176.114.17.14.80: Flags [P.], seq 0:157, ack 1, win 258, length 157: HTTP: GET /file.htm HTTP/1.1
E…sn@….6…f.r…L.P.|’Y0..pP….[..GET /file.htm HTTP/1.1
Host: 176.114.17.14
Content-Length: 164
User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:2.0) Gecko/20100101 Firefox/4.0 Opera 12.14

2016-10-23 00:41:44.101474 IP 192.168.1.102.58698 > 210.92.190.183.80: Flags [S], seq 3229876503, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4ta@…3@…f.\…J.P………. .T……………
2016-10-23 00:41:44.394251 IP 192.168.1.102.58700 > 176.114.17.14.80: Flags [P.], seq 157:321, ack 1, win 258, length 164: HTTP

E..(sp@……..f.r…L.P.|(.0..sP…Y………
2016-10-23 00:41:45.604669 IP 192.168.1.102.58700 > 176.114.17.14.80: Flags [P.], seq 321:472, ack 489, win 256, length 151: HTTP: GET /install.htm HTTP/1.1
E…sq@….9…f.r…L.P.|(.0..XP…….GET /install.htm HTTP/1.1
Host: 176.114.17.14
Content-Length: 1978
User-Agent: Mozilla/5.0 (Windows NT 5.0; rv:21.0) Gecko/20100101 Firefox/21.0

 

IPs contacted:

 
