Text Example

copticorphans.org Ransomware Malware PCAP file download Traffic Sample

Download Attachments

  • 1 pcap jpg
    Date added: May 30, 2019 7:03 am Added by: admin File size: 1 MB Downloads: 46

https://www.virustotal.com/fr/file/c7a14d6a1b72355952781787317f345753dab98c43b80127db2de62a89f0ce10/analysis/
SHA256: c7a14d6a1b72355952781787317f345753dab98c43b80127db2de62a89f0ce10

File name: 1c.jpg
Detection ratio: 32 / 72
Analysis date: 2019-05-29 14:27:51 UTC (16 hours, 28 minutes ago)

2019-05-29 21:44:21.090952 IP 10.1.10.162.49185 > 93.191.156.122.80: Flags [P.], seq 2960318675:2960319109, ack 288044427, win 16425, length 434: HTTP: GET /blogs/media/1c.jpg HTTP/1.1
GET /blogs/media/1c.jpg HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)
Accept-Encoding: gzip, deflate
Host: vision4cph.com
Connection: Keep-Alive

2019-05-29 21:44:21.204625 IP 93.191.156.122.80 > 10.1.10.162.49185: Flags [P.], seq 1461:2413, ack 434, win 123, length 952: HTTP
hostname

The site you are trying to reach could be suspended, deleted or DNS could be incorrect

This domain is hosted by UnoEuro

Support Controlpanel

Webhotel Domains


2019-05-29 21:44:21.565707 IP 10.1.10.162.49187 > 94.231.106.23.80: Flags [P.], seq 500259223:500259593, ack 2801741812, win 16425, length 370: HTTP: GET /splash.css HTTP/1.1
GET /splash.css HTTP/1.1
Accept: */*
Referer: http://vision4cph.com/blogs/media/1c.jpg
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)
Accept-Encoding: gzip, deflate
Host: splash.unoeuro.com
Connection: Keep-Alive

2019-05-29 21:44:21.566770 IP 10.1.10.162.49186 > 94.231.106.23.80: Flags [P.], seq 422854994:422855366, ack 3696602173, win 16425, length 372: HTTP: GET /hostedby.png HTTP/1.1
GET /hostedby.png HTTP/1.1
Accept: */*
Referer: http://vision4cph.com/blogs/media/1c.jpg
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)
Accept-Encoding: gzip, deflate
Host: splash.unoeuro.com
Connection: Keep-Alive

2019-05-29 21:45:48.303893 IP 10.1.10.162.49197 > 67.205.132.158.443: Flags [P.], seq 730561231:730561361, ack 3595014057, win 16425, length 130
(binary TLS payload; the only readable string is the hostname copticorphans.org)
2019-05-29 21:45:48.331867 IP 67.205.132.158.443 > 10.1.10.162.49197: Flags [P.], seq 2921:3577, ack 130, win 237, length 656
2019-05-29 21:45:48.342006 IP 10.1.10.162.49197 > 67.205.132.158.443: Flags [P.], seq 130:264, ack 3577, win 16425, length 134
2019-05-29 21:45:48.360582 IP 67.205.132.158.443 > 10.1.10.162.49197: Flags [P.], seq 3577:3636, ack 264, win 245, length 59
2019-05-29 21:45:48.384865 IP 10.1.10.162.49197 > 67.205.132.158.443: Flags [P.], seq 264:589, ack 3636, win 16410, length 325