Cerber Ransomware Malware Crimeware 77.12.57.x 87.98.176.x PCAP txt File Download Traffic Sample

Download Attachments

  • 1 txt cerber
    Date added: July 3, 2017 10:47 pm Added by: admin File size: 328 KB Downloads: 119
SHA256: 3929550c9f06e66ccf15aca4808fc9e2f21ee14e343a29ac1b3232e402364c57
File name: 1
Detection ratio: 21 / 61
Analysis date: 2017-07-03 22:43:32 UTC
AhnLab-V3 Trojan/Win32.Cerber.C2028306 20170703
Avast Win32:Malware-gen 20170703
AVG Win32:Malware-gen 20170703
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20170703
Bkav HW32.Packed.4068 20170703
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20170420
Cyren W32/Cerber.F.gen!Eldorado 20170703
DrWeb Trojan.Siggen7.24571 20170703
Emsisoft Trojan-Ransom.Cerber (A) 20170703
Endgame malicious (high confidence) 20170629
ESET-NOD32 a variant of Win32/GenKryptik.AMYN 20170703
F-Prot W32/Cerber.F.gen!Eldorado 20170703
Invincea heuristic 20170607
McAfee Ransomware-GAQ!4F796AC47AB1 20170703
Qihoo-360 HEUR/QVM20.1.3E97.Malware.Gen 20170703
Rising Trojan.Kryptik!1.AACA (classic) 20170703
SentinelOne (Static ML) static engine – malicious 20170516
Symantec Ransom.Cerber 20170703
TrendMicro Ransom_HPCERBER.SMALY5A 20170703

 

2017-07-03 15:56:12.852094 IP 192.168.1.102.60671 > 103.52.216.15.80: Flags [P.], seq 0:387, ack 1, win 261, length 387: HTTP: GET /1 HTTP/1.1
GET /1 HTTP/1.1
Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729)
Accept-Encoding: gzip, deflate
Host: dbvopeoo.top
Connection: Keep-Alive

 


