hkmh.exe & inte.exe Binary Malware PUP Analysis PCAP File Sample Traffic Download gov.g0v.pw

Download Attachments

  • 1 pcap hkmh_inte_exe
    Date added: September 27, 2016 11:39 pm Added by: admin File size: 197 KB Downloads: 82

2016-09-27 18:09:34.230114 IP 192.168.1.102.61432 > 124.173.118.14.8888: Flags [S], seq 2954653965, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 18:09:34.323529 IP 192.168.1.102.61431 > 103.249.104.152.8091: Flags [S], seq 3901633695, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 18:09:34.995313 IP 192.168.1.102.61432 > 124.173.118.14.8888: Flags [S], seq 2954653965, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 18:09:35.073479 IP 192.168.1.102.61431 > 103.249.104.152.8091: Flags [S], seq 3901633695, win 8192, options [mss 1460,nop,nop,sackOK], length 0
2016-09-27 18:09:35.745328 IP 192.168.1.102.61432 > 124.173.118.14.8888: Flags [S], seq 2954653965, win 8192, options [mss 1460,nop,nop,sackOK], length 0
2016-09-27 18:09:35.761420 IP 192.168.1.102.61433 > 103.249.104.152.8091: Flags [S], seq 3338610221, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 18:09:36.511009 IP 192.168.1.102.61433 > 103.249.104.152.8091: Flags [S], seq 3338610221, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 18:09:37.261031 IP 192.168.1.102.61433 > 103.249.104.152.8091: Flags [S], seq 3338610221, win 8192, options [mss 1460,nop,nop,sackOK], length 0
2016-09-27 18:09:37.810421 IP 192.168.1.102.55991 > 75.75.75.75.53: 23466+ A? gov.g0v.pw. (28)
2016-09-27 18:09:37.835742 IP 192.168.1.102.61434 > 103.249.104.152.8091: Flags [S], seq 1937124752, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 18:09:38.060270 IP 192.168.1.102.55992 > 75.75.75.75.53: 6873+ A? zebing520.vicp.cc. (35)
2016-09-27 18:09:38.311229 IP 192.168.1.102.61435 > 124.173.118.14.8888: Flags [S], seq 47711544, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 18:09:38.573506 IP 192.168.1.102.61434 > 103.249.104.152.8091: Flags [S], seq 1937124752, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 18:09:39.139206 IP 192.168.1.102.61435 > 124.173.118.14.8888: Flags [S], seq 47711544, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 18:09:39.323553 IP 192.168.1.102.61434 > 103.249.104.152.8091: Flags [S], seq 1937124752, win 8192, options [mss 1460,nop,nop,sackOK], length 0
2016-09-27 18:09:39.886094 IP 192.168.1.102.61435 > 124.173.118.14.8888: Flags [S], seq 47711544, win 65535, options [mss 1460,nop,nop,sackOK], length 0
2016-09-27 18:09:40.027137 IP 192.168.1.102.61436 > 103.249.104.152.8091: Flags [S], seq 2973709115, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 18:09:40.273760 IP 192.168.1.102.61437 > 83.133.119.197.80: Flags [S], seq 2497626307, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
2016-09-27 18:09:40.464533 IP 192.168.1.102.61438 > 124.173.118.14.8888: Flags [S], seq 152959534, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
