DDOS.exe Malware File Sample botnet traffic DNS lookups ddos.lyjq.org mauwcc.com PCAP file download

Download Attachments

  • 1 pcap ddos_exe
    Date added: September 27, 2016 4:01 am Added by: admin File size: 43 KB Downloads: 121

2016-09-26 23:15:10.182608 IP 192.168.1.102.54897 > 75.75.75.75.53: 60216+ A? ddos.lyjq.org. (31)
2016-09-26 23:15:10.186827 IP 192.168.1.102.54898 > 75.75.75.75.53: 13874+ A? ilo.brenz.pl. (30)
2016-09-26 23:15:10.469219 IP 192.168.1.102.58669 > 148.81.111.121.80: Flags [S], seq 4095182811, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-26 23:15:11.184190 IP 192.168.1.102.54899 > 75.75.75.75.53: 60216+ A? ddos.lyjq.org. (31)
2016-09-26 23:15:11.228242 IP 192.168.1.102.56868 > 75.75.75.75.53: 16366+ A? ddos.lyjq.org.hsd1.md.comcast.net. (51)
2016-09-26 23:15:11.245785 IP 192.168.1.102.56868 > 75.75.76.76.53: 16366+ A? ddos.lyjq.org.hsd1.md.comcast.net. (51)
2016-09-26 23:15:12.167789 IP 192.168.1.102.54897 > 75.75.76.76.53: 60216+ A? ddos.lyjq.org. (31)
2016-09-26 23:15:13.480164 IP 192.168.1.102.58669 > 148.81.111.121.80: Flags [S], seq 4095182811, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-26 23:15:14.167662 IP 192.168.1.102.54897 > 75.75.75.75.53: 60216+ A? ddos.lyjq.org. (31)
2016-09-26 23:15:16.167700 IP 192.168.1.102.54897 > 75.75.76.76.53: 60216+ A? ddos.lyjq.org. (31)
2016-09-26 23:15:16.853328 IP 192.168.1.102.60073 > 75.75.75.75.53: 56526+ A? oem.twimg.com. (31)
2016-09-26 23:15:16.871035 IP 192.168.1.102.60073 > 75.75.76.76.53: 56526+ A? oem.twimg.com. (31)

2016-09-26 23:16:19.185916 IP 192.168.1.102.64906 > 75.75.75.75.53: 20626+ A? iipjec.com. (28)
2016-09-26 23:16:19.218150 IP 192.168.1.102.58263 > 75.75.75.75.53: 57575+ A? iipjec.com.hsd1.md.comcast.net. (48)
2016-09-26 23:16:19.246385 IP 192.168.1.102.58263 > 75.75.76.76.53: 57575+ A? iipjec.com.hsd1.md.comcast.net. (48)
2016-09-26 23:16:21.498176 IP 192.168.1.102.58264 > 75.75.75.75.53: 47878+ A? tsxray.com. (28)
2016-09-26 23:16:21.527726 IP 192.168.1.102.64418 > 75.75.75.75.53: 63425+ A? tsxray.com.hsd1.md.comcast.net. (48)
2016-09-26 23:16:23.810585 IP 192.168.1.102.64419 > 75.75.75.75.53: 58808+ A? mauwcc.com. (28)
2016-09-26 23:16:23.842483 IP 192.168.1.102.52017 > 75.75.75.75.53: 16006+ A? mauwcc.com.hsd1.md.comcast.net. (48)

2016-09-26 23:16:26.123334 IP 192.168.1.102.52018 > 75.75.75.75.53: 33495+ A? liaect.com. (28)
2016-09-26 23:16:26.152325 IP 192.168.1.102.59819 > 75.75.75.75.53: 35124+ A? liaect.com.hsd1.md.comcast.net. (48)
2016-09-26 23:16:26.183678 IP 192.168.1.102.59819 > 75.75.76.76.53: 35124+ A? liaect.com.hsd1.md.comcast.net. (48)
2016-09-26 23:16:28.435804 IP 192.168.1.102.59820 > 75.75.75.75.53: 5926+ A? xeeaas.com. (28)
2016-09-26 23:16:28.467312 IP 192.168.1.102.64763 > 75.75.75.75.53: 16216+ A? xeeaas.com.hsd1.md.comcast.net. (48)
2016-09-26 23:16:28.496189 IP 192.168.1.102.64763 > 75.75.76.76.53: 16216+ A? xeeaas.com.hsd1.md.comcast.net. (48)
2016-09-26 23:16:30.763929 IP 192.168.1.102.64764 > 75.75.75.75.53: 5521+ A? ruobee.com. (28)
2016-09-26 23:16:30.792482 IP 192.168.1.102.51185 > 75.75.75.75.53: 53737+ A? ruobee.com.hsd1.md.comcast.net. (48)
